[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Netscape bug update
I've decided that I'll pay Sameer for the shirt for Ray,
regardless.
However, if someone else produces the exploit first, they should get
one, too!
.pm
Ray Cromwell writes:
>
> I just verified in GDB using a stack trace that the Netscape overflow
> bug I mentioned is indeed a static stack buffer overflow. It trashes
> the stack.
>
> What this means is that in theory, it is possible to get a simple
> URL, if clicked on, to execute some code on someone's browser.
>
> Now the hard work begins...
>
>
> Happy Hacking,
> -Ray
>
>