[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] Buffer Overflow vulnerability in Windows Display Manager [Suspected]
- To: Sumit Siddharth <sumit.siddharth@xxxxxxxxx>, full-disclosure@xxxxxxxxxxxxxxxxx
- Subject: Re: [Full-disclosure] Buffer Overflow vulnerability in Windows Display Manager [Suspected]
- From: Lise Moorveld <lise_moorveld@xxxxxxxxx>
- Date: Mon, 2 Jan 2006 06:06:56 -0800 (PST)
Dear Sumit,
Could you tell me how you exploited this buffer
overflow issue in Firefox so I can try and reproduce
it? I notice a lot of A's in your address bar but I'm
not sure whether that's it and if so, how many A's are
used.
Regards,
Lise
--- Sumit Siddharth <sumit.siddharth@xxxxxxxxx> wrote:
> Hi,
> The Windows display manager crashes when a BOF is
> attempted on a mozilla
> firefox.
> This has different results on different windows
> machine.
> In Windows XP only the display manager crashes ,
> whereas on a Windows 2000
> server the BSOD(Blue screen of death )appears and
> the system hangs.
> I am using Firefox 1.0.6. I think that the bug is in
> the display driver and
> not with firefox. Kindly find a screen shot attached
> with this email.
>
> Thanks
> Sumit
>
>
> --
>
> Sumit Siddharth
> Information Security Analyst
> NII Consulting
> Web: www.nii.co.in
> ------------------------------------
> NII Security Advisories
> http://www.nii.co.in/resources/advisories.html
> ------------------------------------
> > _______________________________________________
> Full-Disclosure - We believe in it.
> Charter:
>
http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia -
http://secunia.com/
__________________________________________
Yahoo! DSL ? Something to write home about.
Just $16.99/mo. or less.
dsl.yahoo.com
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/