[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] new unpatched security flaw found Firefox 3.0.4

To: full-disclosure <full-disclosure@xxxxxxxxxxxxxxxxx>
Subject: Re: [Full-disclosure] new unpatched security flaw found Firefox 3.0.4
From: Thierry Zoller <Thierry@xxxxxxxxx>
Date: Wed, 17 Dec 2008 00:56:15 +0100

Hmm,
Why not link the bug posting itself, why not wait until patched?
ch> New unpatched security flaw found in Firefox 3.0.4
ch> PoC here: https://bugzilla.mozilla.org/attachment.cgi?id=302699

nsHTMLFramesetFrame::Reflow(nsPresContext*, nsHTMLReflowMetrics&, 
nsHTMLReflowState const&, unsigned int&)
http://bonsai.mozilla.org/cvsblame.cgi?file=mozilla/layout/generic/nsFrameSetFrame.cpp&rev=3.210&mark=1156#1156

-- 
http://secdev.zoller.lu
Thierry Zoller

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- [Full-disclosure] new unpatched security flaw found Firefox 3.0.4
  - From: carl hardwick

Prev by Date: [Full-disclosure] [ GLSA 200812-18 ] JasPer: User-assisted execution of arbitrary code
Next by Date: Re: [Full-disclosure] ZDI-08-088: Oracle E-Business Suite Self-Service Web Applications SQL Injection Vulnerability
Previous by thread: [Full-disclosure] new unpatched security flaw found Firefox 3.0.4
Next by thread: Re: [Full-disclosure] new unpatched security flaw found Firefox 3.0.4
Index(es):
- Date
- Thread