On 5/1/07, carl hardwick <[EMAIL PROTECTED]> wrote: > Product: Firefox 2.0.0.3 > Description: Out-of-bounds memory access via specialy crafted html file > Type: Remote > > Vulnerability can be exploited by using a large value in a href tag to > create an out-of-bounds memory access. > > Proof Of Concept exploit: > http://www.critical.lt/research/opera_die_happy.html
This doesn't work in Firefox 2.0.0.3 in Ubuntu 7.04. This sounds like it might be another case of mistaken identity with the heap overflow vulnerability in Nvidia blob drivers for Linux, as this was one way to exploit it. -- Robert Wesley McGrew http://mcgrewsecurity.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
