Full Disclosure: Re: Apple Safari ... DoS Vulnerability

Re: Apple Safari ... DoS Vulnerability

From: Nick FitzGerald <nick () virus-l demon co uk>
Date: Tue, 03 Mar 2009 22:52:48 +1300

Chris Evans to me:

So, you have injected HTML into stupid.com, and you choose to inflict
the fury of a closing tab upon hapless visitors?


Your point?

I said nothing about how big or bad of a vulnerability it is, just that 
it is one.

Are there lots and lots of trivial vulns in software?

Yes.

Do we reliably know which ones are safe to ignore?

Not if history is any vague kind of guide...


Regards,

Nick FitzGerald


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

By Date By Thread

Current thread:

Re: Apple Safari ... DoS Vulnerability nzerozero p (Mar 01)
- <Possible follow-ups>
- Re: Apple Safari ... DoS Vulnerability Chris Evans (Mar 03)
  - Re: Apple Safari ... DoS Vulnerability Nick FitzGerald (Mar 03)
    - Re: Apple Safari ... DoS Vulnerability Chris Evans (Mar 03)
    - Re: Apple Safari ... DoS Vulnerability Nick FitzGerald (Mar 03)
    - Re: Apple Safari ... DoS Vulnerability Michal Zalewski (Mar 03)
    - Re: Apple Safari ... DoS Vulnerability Valdis . Kletnieks (Mar 03)
    - Re: Apple Safari ... DoS Vulnerability Michal Zalewski (Mar 03)
    - Re: Apple Safari ... DoS Vulnerability Nick FitzGerald (Mar 03)
    - Re: Apple Safari ... DoS Vulnerability Chris Evans (Mar 03)
    - Re: Apple Safari ... DoS Vulnerability Nick FitzGerald (Mar 03)
    - Re: Apple Safari ... DoS Vulnerability Stuart Dunkeld (Mar 04)
    - Re: Apple Safari ... DoS Vulnerability Chris Evans (Mar 04)
  - Re: Apple Safari ... DoS Vulnerability jf (Mar 03)
    - Re: Apple Safari ... DoS Vulnerability Chris Evans (Mar 03)

(Thread continues...)