[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [Full-Disclosure] Firefox 0.92 DoS via TinyBMP
- To: full-disclosure@xxxxxxxxxxxxxxxx
- Subject: RE: [Full-Disclosure] Firefox 0.92 DoS via TinyBMP
- From: "Eric Paynter" <eric@xxxxxxxxxxxxxxx>
- Date: Tue, 13 Jul 2004 10:15:18 -0700 (PDT)
On Mon, July 12, 2004 9:25 pm, Sapheriel said:
> what baffles me is how easily this problem could be countered. a simple
> check of bfsize versus filesize(-header and such) would suffice.
Most vulnerabilities can be countered with something very simple like a
size check, yet developers don't do it. :\
-Eric
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html