Re[2]: New Flaw in Firefox 2.0: DoS and possible remote code execution

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re[2]: New Flaw in Firefox 2.0: DoS and possible remote code execution

Subject: Re[2]: New Flaw in Firefox 2.0: DoS and possible remote code execution
Date: Fri, 3 Nov 2006 12:08:55 +0300
From: 3APA3A <suppressed>

Dear Jerome Athias,

I  said  NULL pointer is not exploitable _by itself_. Ability to control
unhandled  exception  filter is different vulnerability. NULL pointer in
this case is not exploitation vector, it's only used to initiate attack.

--Thursday, November 2, 2006, 10:01:19 PM, you wrote to suppressed:

JA> 3APA3A a écrit :
>> Dear suppressed,
>>
>> NULL pointer dereference is not exploitable to code execution by itself.
>>
>>   
JA> Hi,

JA> you should be interested by this
JA> http://metasploit.blogspot.com/2006/08/putting-fun-in-browser-fun.html

JA> + a little tool
JA> https://www.securinfos.info/outils-securite-hacking/uSEH.rar

JA> /JA



-- 
~/ZARAZA
Íåïðèÿòíîñòè íà÷íóòñÿ â âîñåìü.  (Òâåí)

References:
- Re: Re: New Flaw in Firefox 2.0: DoS and possible remote code execution
  - From: xxxx
- Re[3]: New Flaw in Firefox 2.0: DoS and possible remote code execution
  - From: 3APA3A

Prev by Date: Re: Firefox 1.5.0.7 Exploit
Next by Date: Re: Digital Armaments Security Advisory 10.07.2006: Flexwath Authorization Bypassing and XSS Vulnerability
Previous by thread: Re[3]: New Flaw in Firefox 2.0: DoS and possible remote code execution
Next by thread: Authentication bypass in BytesFall Explorer
Index(es):
- Date
- Thread

Mail converted by mhonarc 2.6.15
This archive provided courtesy of JSW4.NET, Internet Hosting Services for Small Business.