[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Firefox 0.92 DoS via TinyBMP

To: full-disclosure@xxxxxxxxxxxxxxxx
Subject: Re: [Full-Disclosure] Firefox 0.92 DoS via TinyBMP
From: Thomas Kaschwig <sec@xxxxxxxxxxxx>
Date: Mon, 12 Jul 2004 15:19:25 +0200

Hi,

thE_iNviNciblE wrote:

> there is a security vulnerability in Firebox 0.92 (latest Version)
>
> http://www.4rman.com/exploits/tinybmp.htm
>
> this link causes that your virutal memory will be rise up 1,2 GB used
> Memory...

There is no such effect with Firefox 0.9.1 on Linux, the virtual memory 
for `fixefox-bin' goes only up to 76MB. It seems to be an Windows-only 
exploit.

Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7) Gecko/20040626 
Firefox/0.9.1

Thomas
-- 
PGP/GnuPG: http://www.kaschwig.net/kaschwig.gpg.asc * KeyID: 0x3D68D63A
Fingerprint: 274A 4CB8 B362 D593 39D6 0989 8FC3 725F 3D68 D63A
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- [Full-Disclosure] Firefox 0.92 DoS via TinyBMP
  - From: thE_iNviNciblE

Prev by Date: RE: [Full-Disclosure] Erasing a hard disk easily
Next by Date: Re: [Full-Disclosure] Erasing a hard disk easily
Previous by thread: Re: [Full-Disclosure] Firefox 0.92 DoS via TinyBMP & Thunderbird 0.72 & Outlook Express (latest Version)
Next by thread: Re: [Full-Disclosure] Firefox 0.92 DoS via TinyBMP
Index(es):
- Date
- Thread