[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Firefox 0.92 DoS via TinyBMP

To: Full-Disclosure@xxxxxxxxxxxxxxxx
Subject: Re: [Full-Disclosure] Firefox 0.92 DoS via TinyBMP
From: William Warren <hescominsoon@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
Date: Mon, 12 Jul 2004 08:11:54 -0400

this made my mozilla 1.71 run slow and spiked my ram usage above 100 megs for a seconds..but no increase in paging file usage..when i shutdown the tab with that link mozie worked fine.

thE_iNviNciblE wrote:

Hi,

there is a security vulnerability in Firebox 0.92 (latest Version)

http://www.4rman.com/exploits/tinybmp.htm

this link causes that your virutal memory will be rise up 1,2 GB used Memory...

maybe Thunderbird 0.72 is also vulnerable via HTML.

credits to: StupidWhiteMan

-- My "Foundation" verse: Isa 54:17 No weapon that is formed against thee shall prosper; and every tongue that shall rise against thee in judgment thou shalt condemn. This is the heritage of the servants of the LORD, and their righteousness is of me, saith the LORD.

-- carpe ductum -- "Grab the tape"

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- [Full-Disclosure] Firefox 0.92 DoS via TinyBMP
  - From: thE_iNviNciblE

Prev by Date: Re: [Full-Disclosure] Is Mozilla's "patch" enough?
Next by Date: Re: [Full-Disclosure] Is Mozilla's "patch" enough?
Previous by thread: [Full-Disclosure] Firefox 0.92 DoS via TinyBMP
Next by thread: Fwd: [Full-Disclosure] Firefox 0.92 DoS via TinyBMP
Index(es):
- Date
- Thread