[Full-disclosure] Google Chrome Browser Vulnerability
Shyaam
shyaam at gmail.com
Thu Sep 4 04:20:44 BST 2008
>
> Out of bound array accesses can be vulnerabilities because they can
>> in some cases result in code execution, but not in this case. In
>> this case, it is just an integer underflow that causes a
>> conditional to evaluate to true that shouldn't have and a byte or
>> two of memory being read out of bounds. There is no write, the
>> memory can't be leaked by an attacker, it is simply a crash.
>>
>> You can't even begin to compare a kernel denial of service to a
>> browser crash, killing a browser is a world away from taking down
>> an entire system. Let's face it, the last thing we need is someone
>> whoring out attention for every browser crash they come across.
>> Report it and be done with it, no one cares.
>
>
Cool!!! Thanks...
Shyaam
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20080904/a85bd82e/attachment.html
Full-Disclosure is hosted and sponsored by Secunia.