Re: Firefox 1.5.0.3 - DoS
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
p4.werterxyz@xxxxxxxxx wrote:
> test2:
> http://werterxyz.altervista.org/test2.html
> http://geocities.com/werterxyz/test2.html
* Mozilla claims this is a security bug with normal severity.
https://bugzilla.mozilla.org/show_bug.cgi?id=334341
* Secunia classify this as a not critical security bybass.
http://secunia.com/advisories/19698/
* Some days ago yesn@xxxxxxxx claimed that this was a "code execution
exploit". (LOL)
* Now this guy claims this is a "Denial of Service". (ROTFL)
Maybe someone should explain this people which is the differences
between a security threat, an application bug, and an expected behaviour.
This is a DoS as the following.
I found a new denial of service vulnerability in Windows CMD.EXE that
affects all Windows versions that have the CMD.EXE executable.
The user must execute a new shell and write this text followed by the
Enter button:
for /l %i in (1,1,10000) do explorer.exe
- --
Flavio Visentin
GPG Key: http://www.zipman.it/gpgkey.asc
There are only 10 types of people in this world:
those who understand binary, and those who don't.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
iD8DBQFEYnKhusUmHkh1cnoRAiHcAJ0aA9n+kFBSuP3De6zdZBDTwBI+YgCeI3fb
n2QLWmC7JxAwEmR+lPWcLIU=
=I+Iu
-----END PGP SIGNATURE-----