I just verified in GDB using a stack trace that the Netscape overflow bug I mentioned is indeed a static stack buffer overflow. It trashes the stack. What this means is that in theory, it is possible to get a simple URL, if clicked on, to execute some code on someone's browser. Now the hard work begins... Happy Hacking, -Ray