[Dailydave] Firefox bugs
Juha-Matti Laurio
juha-matti.laurio at netti.fi
Tue Oct 3 17:33:45 Local tim 2006
CNET TV Video Hackers claim Firefox zero-day flaw
about the presentation:
http://news.com.com/1606-2_3-6121987.html
- Juha-Matti
Dave Aitel <dave at immunityinc.com> wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Didn't you post on your weblog some stuff about Chrome: being buggy?
> It's completely believable to have a chrome: context issue in Firefox.
> I recall you said something about iterators, but I don't have a
> Mozilla developer account so I can't look at the diff.
>
> Are the slides/full PoC available publicly?
> - -dave
>
> Thor Larholm wrote:
> > Their PoC, both the one in their slides and the full PoC, is
> > nothing more than an out-of-memory crash, of which Firefox already
> > has plenty. They were still struggling to write a working exploit
> > days after the presentation, even though they claimed to have just
> > that during the presentation.
> >
> > Long story short, the bug is just a bug - not a vulnerability.
> >
> >
> > Regards Thor Larholm
More information about the Dailydave
mailing list