On Mon, Jul 12, 2004 at 01:23:39PM +0200, thE_iNviNciblE wrote: > there is a security vulnerability in Firebox 0.92 (latest Version) > > http://www.4rman.com/exploits/tinybmp.htm > > this link causes that your virutal memory will be rise up 1,2 GB used > Memory... > > maybe Thunderbird 0.72 is also vulnerable via HTML.
Are you certain this is a vuln in Firefox? On W2K SP4 fully patched: I can verify that opening that page in Firefox 0.9.2 causes VM to balloon. However, I get almost identical results opening the same page in IE 6sp1, and can cause excessive VM consumption by opening little.bmp referenced in your page in MS Paint. st3ng4h _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
