[Full-disclosure] firefox 2.0.0.2 crash
endrazine
endrazine at gmail.com
Sun Mar 11 21:09:18 GMT 2007
Mihai Dontu a écrit :
> On Friday 09 March 2007 20:31, Tõnu Samuel wrote:
>
>> Can be dupe but in fast browsing over topics I did not discovered this
>> exploit:
>>
>> http://people.zoy.org/~sam/firefox-crash-save-session-before-clicking.gif
>>
Makes gimp 2.2.12 segfault.
endrazine at localhost ~/firefox.crash $ gimp
./firefox-crash-save-session-before-clicking.gif
GIF: too much input data, ignoring extra...
GIF: bogus character 0x00, ignoring.
GIF: too much input data, ignoring extra...
GIF: bogus character 0x00, ignoring.
GIF: bogus character 0x23, ignoring.
GIF: bogus character 0xf9, ignoring.
GIF: bogus character 0x04, ignoring.
GIF: bogus character 0x05, ignoring.
GIF: bogus character 0x0a, ignoring.
GIF: bogus character 0x00, ignoring.
GIF: bogus character 0x0e, ignoring.
GIF: bogus character 0x00, ignoring.
(gifload:8687): LibGimp-CRITICAL **: gimp_drawable_get: assertion `width
> 0 && height > 0 && bpp > 0' failed
/usr/lib/gimp/2.0/plug-ins/gifload: fatal error: Erreur de segmentation
endrazine at localhost ~/firefox.crash $
Cheers,
endrazine
Full-Disclosure is hosted and sponsored by Secunia.