September 27th, 2005, 02:51 PM
How to attack Firefox code
I didn't see this posted anywhere, but How to attack firefox code has been posted on the net. Firefox has a patch available, but Netscape which is based on firefox hasn't.
September 27th, 2005, 02:54 PM
I thought Firefox was based on Netscape and not the other way around? And Mozilla must be included somewhere in this all too.
September 27th, 2005, 03:37 PM
The latest version of netscape is built on java, not the mozilla engine like it used to... and is capable of emulating both Firefox engine, and IE6 engine. You can pick which engine to use from within the browser.
\"Computer games don\'t affect kids; I mean if Pac-Man affected us as kids, we\'d all be running around in darkened rooms munching magic pills and listening to repetitive electronic music.\" Kristian Wilson, Nintendo, Inc. 1989
September 27th, 2005, 10:37 PM
Re: How to attack Firefox code
Is anyone else wondering how this flaw with different charactars being allowed, lets people run arbitrary code? So far I havent found anything technical, only news articals like this one.
The flaw lies in the way the browsers handle International Domain Names, which are web addresses that use international characters [/B]
It is better to be HATED for who you are, than LOVED for who you are NOT.
THC/IP Version 4.2
September 28th, 2005, 04:46 PM
I am interested in the other firefox flaw: allowing a buffer-overrun to happen when a long url is passed to firefox using the shell. I read when you using evolution email program that includes an url to pop open a firefox session, a long url can trick firefox to crash. Is this the exploit everyone is talking about? When I first read the article, I remembered the Unicode exploit Microsoft browsers had in the past. History repeating itself. Mozilla is just like President Bush....I will take you to war but don't blame me for crap, never ever.