Re: Flaw in Firefox 2.0 RC2
Seems like the test cases trigger two different bugs. One is race that
prevents resources from being deallocated effectively and second is
infinite recursion.
https://bugzilla.mozilla.org/show_bug.cgi?id=348514 (closed)
https://bugzilla.mozilla.org/show_bug.cgi?id=323394 (open)
But I am not really sure.
On Ut, 2006-10-17 at 09:09 +0000, Mike@xxxxxxxxx wrote:
http://lcamtuf.coredump.cx/ffoxdie.html
this exploit still works with the latest Firefox 2.0 RC3
--
Lubomir Kundrak (Red Hat Security Response Team)
Relevant Pages
- Re: [PATCH] oom killer (Core)
... after I had no resources to track 2.4 anymore. ... > the watermark comes for free. ... You can get an I/O race where your program is about to finish a failing ... If you don't check the watermarks after waiting for I/O, ...
(Linux-Kernel) - Re: Update 1: Is that all after two years ?
... > Fixing bugs really does not require much resources. ... > This is also very frustrating for developers. ...
(borland.public.delphi.non-technical) - Re: Sun using the "I" word
... > Dunno about the early design phase. ... Not so much 'more resources' perhaps as more dedicated, ... Your description of specific bugs here was the first such description ... release of McKinley in July, ...
(comp.os.vms) - Re: OMG! Do you KNOW what Sonys DSLR bodies are made from?
... of dead bugs under time and pressure.... ... Economic liberalism, (especially cult-like economic rationalist ... humanity unless resources are considered to be infinite. ... The environazis do whatever they to eliminate dissenting views, ...
(rec.photo.digital.slr-systems) - Re: OMG! Do you KNOW what Sonys DSLR bodies are made from?
... of dead bugs under time and pressure.... ... Economic liberalism, (especially cult-like economic rationalist ... humanity unless resources are considered to be infinite. ... The environazis do whatever they to eliminate dissenting views, ...
(rec.photo.digital.slr-systems) |
|
