[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] new unpatched security flaw found Firefox 3.0.4

To: carl hardwick <hardwick.carl@xxxxxxxxx>
Subject: Re: [Full-disclosure] new unpatched security flaw found Firefox 3.0.4
From: Andrew Farmer <andfarm@xxxxxxxxx>
Date: Wed, 17 Dec 2008 02:28:57 -0800

On 16 Dec 08, at 11:49, carl hardwick wrote:
> New unpatched security flaw found in Firefox 3.0.4
> PoC here: https://bugzilla.mozilla.org/attachment.cgi?id=302699

Relevant bug is https://bugzilla.mozilla.org/show_bug.cgi?id=416907

This doesn't appear to be security-critical - it's a NULL dereference.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] new unpatched security flaw found Firefox 3.0.4
  - From: James Matthews

References:
- [Full-disclosure] new unpatched security flaw found Firefox 3.0.4
  - From: carl hardwick

Prev by Date: Re: [Full-disclosure] ZDI-08-088: Oracle E-Business Suite Self-Service Web Applications SQL Injection Vulnerability
Next by Date: Re: [Full-disclosure] request for comments...
Previous by thread: Re: [Full-disclosure] new unpatched security flaw found Firefox 3.0.4
Next by thread: Re: [Full-disclosure] new unpatched security flaw found Firefox 3.0.4
Index(es):
- Date
- Thread