Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Firefox 0.92 DoS via TinyBMP & Thunderbird 0.72 & Outlook Express (latest Version)
From: thE_iNviNciblE <the_invincible () gmx de>
Date: Mon, 12 Jul 2004 21:59:02 +0200

Hello,

i can confirm this bug für Thunderbird 0.72, but the behavior(you don't
really detect this bug) isn't so stupid as like by Outlook Express 6
(Total Crash up to Systemcrash, if you do enough *.bmp in the eMail)

<IMG ... src="http://www.4rman.com/exploits/little.bmp"; .....

i know this exploit is pretty old, but has someone testet it against
Anti Virus Programs?

other famous picture Viewer detect this bug...


  MfG thE_iNviNciblE
  ------------------
  Wissen ist Macht

Freie Meinung: http://www.your-mind-is-free.de.vu
IT-Security  : http://www.kid2elite.de.vu
IT-Forum     : http://www.security-focus.de.vu



thE_iNviNciblE wrote:
Hi,

there is a security vulnerability in Firebox 0.92 (latest Version)

http://www.4rman.com/exploits/tinybmp.htm

this link causes that your virutal memory will be rise up 1,2 GB used Memory...

maybe Thunderbird 0.72 is also vulnerable via HTML.

credits to: StupidWhiteMan




_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]