`----- Forwarded message from Michal Zalewski <[email protected]> -----
Approved-By: [email protected]
Delivered-To: [email protected]
Delivered-To: [email protected]
X-Hate: Where do you want to go to die?
Date: Thu, 28 Sep 2000 18:45:41 +0200
Reply-To: Michal Zalewski <[email protected]>
From: Michal Zalewski <[email protected]>
Subject: Netscape Navigator buffer overflow
To: [email protected]
Haven't seen bugreport on it, so I decided to publish this vulnerability.
In fact it's pretty old, but still unpublished: Netscape Navigator is
vulnerable to trivial, remote buffer overflow attack when viewing prepared
html:
<form action=something method=something>
<input type=password value=reallylongstring...>
...other form tags...
</form>
If buffer is reasonably long, Netscape crashes with SEGV while trying to
parse this tag (it happens around 16 kB of junk as value=) while calling
function XFE_GetFormElementInfo(). It is not a stack overflow, but, as
some pointers are overwritten, it seems to be exploitable. If someone has
free time and good will, could try - recall JPEG comment heap overflow.
Only type=password is vulnerable to this attack.
_______________________________________________________
Michal Zalewski [[email protected]] [tp.internet/security]
[http://lcamtuf.na.export.pl] <=--=> bash$ :(){ :|:&};:
=-----=> God is real, unless declared integer. <=-----=
----- End forwarded message -----
`
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation