[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Update: [GSEC-TZO-44-2009] One bug to rule them all - Firefox, IE, Safari,Opera, Chrome,Seamonkey,iPhone,iPod,Wii,PS3....
- To: bugtraq <bugtraq@xxxxxxxxxxxxxxxxx>, full-disclosure <full-disclosure@xxxxxxxxxxxxxxxxx>, <info@xxxxxxxxxxxxx>, <vuln@xxxxxxxxxxx>, <cert@xxxxxxxx>, <nvd@xxxxxxxx>, <cve@xxxxxxxxx>
- Subject: Update: [GSEC-TZO-44-2009] One bug to rule them all - Firefox, IE, Safari,Opera, Chrome,Seamonkey,iPhone,iPod,Wii,PS3....
- From: Thierry Zoller <Thierry@xxxxxxxxx>
- Date: Tue, 21 Jul 2009 12:58:36 +0200
________________________________________________________________________
One bug to rule them all
IE5,IE6,IE7,IE8,Netscape,Firefox,Safari,Opera,Konqueror,
Seamonkey,Wii,PS3,iPhone,iPod,Nokia,Siemens.... and more.
________________________________________________________________________
Update/Changes :
----------------
Backround :
~~~~~~~~~~~
+ I failed to include details about the nature of the bug (DOM),
the root cause is a DOM flaw and not a Javascript flaw as the
Backround info might have lead to think.
Thanks James Schend for the heads up.
+ The bug was present in a 9 year old version of Netscape - draw your own
conclusions.
Patch availability :
~~~~~~~~~~~~~~~~~~~~
+ Seamonkey 1.1.17 and SeaMonkey 2 (soon to be Beta) have been patched
Affected Products :
~~~~~~~~~~~~~~~~~~~~
+ Blackberry 8800/probably all (null ptr exception, browser crash)
Thanks to "528-0444" for the Report.
+ Google G1 latest (Firmware 1.5, Kernel: 2.6.27-00393-g6607056, Build: CRB43)
(Browser crash)
Thanks Scott Fraser for the Report.
- Prev by Date:
[ GLSA 200907-16 ] Python: Integer overflows
- Next by Date:
RE: DoS vulnerabilities in Firefox, Internet Explorer, Opera and Chrome
- Previous by thread:
[ GLSA 200907-16 ] Python: Integer overflows
- Next by thread:
Re: [Full-disclosure] Update: [GSEC-TZO-44-2009] One bug to rule them all - Firefox, IE, Safari, Opera, Chrome, Seamonkey, iPhone, iPod, Wii, PS3....
- Index(es):