Date: Tue, 25 Jul 2000 04:50:38 +0400 (MSD)
From: Solar Designer <>
Subject: OW-002-netscape-jpeg


I've just published a security advisory entitled "JPEG COM Marker
Processing Vulnerability in Netscape Browsers".  It is available at
the usual location:

and is on its way to Bugtraq.

In addition to explaining this particular vulnerability and ways to
fix it, the advisory presents a fairly generic approach to exploiting
writes beyond the end of allocated heap memory.  My goals were to
prove that file parsers used on data files from untrusted sources are
security-critical, to show the danger of integer overflows, and to
present the generic approach to exploiting "heap-based overflows".

Solar Designer
