[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Safari javascript array overflow

To: undisclosed-recipients: ;
Subject: Re: [Full-Disclosure] Safari javascript array overflow
From: kr-ze@xxxxxxxxxxxx
Date: Mon, 8 Mar 2004 01:06:28 +0100 (CET)

I might note that, unlike what is suggested in the advisory, it is possible to 
exploit this issue, you just have to know a bit how MacOSX implements some 
standard functions, and use them right. I will not disclose any pof before 
Apple security upgrade, hence it is trivial to get remote code execution to 
work for any guy knowing its stuff well. (i suspect the way this advisory was 
written because it indeed gives some hidden hints about it ... )

kr.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Prev by Date: [Full-Disclosure] Counter-Attacking hackers? Is this really a good idea?
Next by Date: Re: [Full-Disclosure] Counter-Attacking hackers? Is this really a good idea?
Previous by thread: [Full-Disclosure] Safari javascript array overflow
Next by thread: [Full-Disclosure] [ GLSA 200403-01 ] Libxml2 URI Parsing Buffer Overflow Vulnerabilities
Index(es):
- Date
- Thread