[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Firefox 0.92 DoS via TinyBMP

To: st3ng4h <st3ng4h@xxxxxxxxxxx>
Subject: Re: [Full-Disclosure] Firefox 0.92 DoS via TinyBMP
From: "Jordan Cole (stilist)" <stilist@xxxxxxxxx>
Date: Mon, 12 Jul 2004 17:16:47 -0400

> This is precisely the point that almost everyone is missing
> completely (but still clamoring "it works on X, it doesn't work on
> Y"), and that Sapheriel pinpointed: the core problem lies in the
> Windows .bmp implementation.
> 
> So, I wonder aloud, what is the purpose of publishing 'advisories'
> that misattribute this flaw to IE [1] or Firefox or any of the other
> hundreds or thousands of programs that use it and can be DoSed as a
> result?

Admittedly; but here's the question: if it's all the fault of Windows
.bmp implementation, or the fact that it's about a gig of data, why
are certain browsers (like mine) not vulnerable to it? I'm going to
the same page as anyone else...

-- 

[stlst]

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- [Full-Disclosure] Firefox 0.92 DoS via TinyBMP
  - From: thE_iNviNciblE
- Re: [Full-Disclosure] Firefox 0.92 DoS via TinyBMP
  - From: David Huecking
- Re: [Full-Disclosure] Firefox 0.92 DoS via TinyBMP
  - From: st3ng4h

Prev by Date: Re: [Full-Disclosure] Firefox 0.92 DoS via TinyBMP
Next by Date: Re: [Full-Disclosure] The Source Code Club is now open for business
Previous by thread: Re: [Full-Disclosure] Firefox 0.92 DoS via TinyBMP
Next by thread: AW: [Full-Disclosure] Firefox 0.92 DoS via TinyBMP
Index(es):
- Date
- Thread