Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Vulnwatch: Re: Re: Concurrency-related vulnerabilities in browsers - expect problems

Re: Re: Concurrency-related vulnerabilities in browsers - expect problems

From: Steven M. Christey <coley_at_linus.mitre.org>
Date: Thu, 17 Aug 2006 14:04:33 -0400 (EDT)

Some interesting work.

For those who haven't made the connection yet - concurrency issues
probably go far beyond just web browsers. It's a safe bet that *any*
software that's multi-threaded, multi-process, event-based, or
asynchronous could have these sorts of issues. Traditional data
manipulation techniques probably won't be effective in finding them.

In other words - concurrency is a rich area for future research, and web
browser bugs are probably the tip of the iceberg.

- Steve
Received on Aug 17 2006

This message: [ Message body ]
Next message: Cisco Systems Product Security Incident Response Team: "Cisco Security Advisory: Cisco VPN 3000 Concentrator FTP Management Vulnerabilities"
Previous message: eEye Advisories: "[EEYEB-20060703] IBM eGatherer ActiveX Code Execution Vulnerability"
In reply to: Michal Zalewski: "Re: Concurrency-related vulnerabilities in browsers - expect problems"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]