Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Vulnwatch: Re: Concurrency-related vulnerabilities in browsers - expect problems

Re: Concurrency-related vulnerabilities in browsers - expect problems

From: Michal Zalewski <lcamtuf_at_dione.ids.pl>
Date: Tue, 15 Aug 2006 21:41:48 +0200 (CEST)

Here's another separate issue that typically causes fault on memory access
to website-influenced memory access:

http://lcamtuf.coredump.cx/ffoxdie3.html

This is separate from the previously presented example (which, remarkably,
also had a tendency to trigger an unrelated call stack overflow due to XML
parsing glitch on some platforms, which caused some confusion - my bad).

Note that because it depends on timing more heavily, it may not work in
the first shot on all computers (though it should).

/mz
Received on Aug 17 2006

This message: [ Message body ]
Next message: eEye Advisories: "[EEYEB-20060703] IBM eGatherer ActiveX Code Execution Vulnerability"
Previous message: Michal Zalewski: "Concurrency-related vulnerabilities in browsers - expect problems"
In reply to: Michal Zalewski: "Concurrency-related vulnerabilities in browsers - expect problems"
Next in thread: Steven M. Christey: "Re: Re: Concurrency-related vulnerabilities in browsers - expect problems"
Reply: Steven M. Christey: "Re: Re: Concurrency-related vulnerabilities in browsers - expect problems"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]