Netscape 4 DoS/Possibly exploitable buffer overflow.

Laslo Orto (laslo@CPOL.COM)
Mon, 12 Jan 1998 16:23:34 -0500

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Aleph One: "Q179129: STOP 0x0000000A Due to Modified Teardrop Attack"
Previous message: Ruth Milner [VLA]: "update on Solaris 2.6 security logging"

I've never seen this posted/discussed anywhere before, so here it goes.

Netscape (version verified is 4.03) has a buffer overflow bug in their
bookmarks code. When somebody goes to a web page with a very long title
(6-8k) and then s/he bookmarks the page, netscape will start crashing at
loading bookmark.htm on startup. It's similar to the IE4 bug discovered
not long ago, but here you have to get the victim to bookmark the attackers
page.

Laslo Orto Computer Pages / Better.Net
Systems Administrator 253 Sheppard Ave. West
laslo@cpol.com / laslo@Better.net Toronto, Canada M2N 1N2
www.cpol.com / www.better.net Ph: +1 416 225 3030
Fax: +1 416 225 6737

Next message: Aleph One: "Q179129: STOP 0x0000000A Due to Modified Teardrop Attack"
Previous message: Ruth Milner [VLA]: "update on Solaris 2.6 security logging"