[Full-disclosure] Buffer Overflow vulnerability in Windows Display Manager [Suspected]
Lise Moorveld
lise_moorveld at yahoo.com
Mon Jan 2 14:06:56 GMT 2006
Dear Sumit,
Could you tell me how you exploited this buffer
overflow issue in Firefox so I can try and reproduce
it? I notice a lot of A's in your address bar but I'm
not sure whether that's it and if so, how many A's are
used.
Regards,
Lise
--- Sumit Siddharth <sumit.siddharth at gmail.com> wrote:
> Hi,
> The Windows display manager crashes when a BOF is
> attempted on a mozilla
> firefox.
> This has different results on different windows
> machine.
> In Windows XP only the display manager crashes ,
> whereas on a Windows 2000
> server the BSOD(Blue screen of death )appears and
> the system hangs.
> I am using Firefox 1.0.6. I think that the bug is in
> the display driver and
> not with firefox. Kindly find a screen shot attached
> with this email.
>
> Thanks
> Sumit
>
>
> --
>
> Sumit Siddharth
> Information Security Analyst
> NII Consulting
> Web: www.nii.co.in
> ------------------------------------
> NII Security Advisories
> http://www.nii.co.in/resources/advisories.html
> ------------------------------------
> > _______________________________________________
> Full-Disclosure - We believe in it.
> Charter:
>
http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia -
http://secunia.com/
__________________________________________
Yahoo! DSL – Something to write home about.
Just $16.99/mo. or less.
dsl.yahoo.com
Full-Disclosure is hosted and sponsored by Secunia.