It seems to me Apple is forever disclosing data file-induced overflow bugs, in WebKit and various OS X components. You'd think a long, hard fuzzing effort would find more of these, but the more successful it is, the greater the imperative to address it as a matter of development practices.
-----Original Message----- From: Joel Esler [mailto:[email protected]] Sent: Saturday, March 27, 2010 9:34 AM To: Charles Miller Cc: Larry Seltzer; [email protected] Subject: Re: [funsec] Miller, Pwn2Own's winner tells Apple, Microsoft to find their own bugs On Mar 27, 2010, at 9:31 AM, Charles Miller wrote: > On Mar 27, 2010, at 7:30 AM, Joel Esler wrote: > >> Good point. >> >> On a positive note, one of the reasons they rewrote Quicktime was to get rid of this stuff. The new quicktime is much less susceptible (allegedly) to the nonsense that the Quicktime < 10's were. >> > > You've apparently drank too much of the Apple Kool-aid. You could be right. But, allegedly, is the key word. -- Joel Esler http://blog.joelesler.net _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
