On Mon, 4 Jun 2007, Michal Zalewski wrote:
1) Title: MSIE page update race condition
Impact : cookie stealing / setting, page hijacking, memory corruption
Demo : http://lcamtuf.coredump.cx/ierace/
Just FYI - my logs indicate that there is a fairly high percentage of
patterns
The 522+ stuff I can confirm as vulnerable. That particular build
number is associated with the current version of the nightly webkit
build.
http://nightly.webkit.org/
419.3 is associated with the current Security updates on 10.4.9 I am
pretty sure.
-KF
On Jun 5, 2007, at 2:08 PM, Michal
Hello,
Will keep it brief. A couple of browser bugs, fresh from the oven, hand
crafted with love:
1) Title: MSIE page update race condition (CRITICAL)
Impact : cookie stealing / setting, page hijacking, memory corruption
Demo : http://lcamtuf.coredump.cx/ierace/
...aka the