From: “Perry E. Metzger” <perry@piermont.com>
To: Ray Cromwell <rjc@clark.net>
Message Hash: c960419ac60ab7eec8e3694a7740d9a54c14eaa903b0b8111a7bc9ac62b4c23d
Message ID: <199509221226.IAA03742@frankenstein.piermont.com>
Reply To: <199509220626.CAB16453@clark.net>
UTC Datetime: 1995-09-22 12:27:02 UTC
Raw Date: Fri, 22 Sep 95 05:27:02 PDT
From: "Perry E. Metzger" <perry@piermont.com>
Date: Fri, 22 Sep 95 05:27:02 PDT
To: Ray Cromwell <rjc@clark.net>
Subject: Re: Netscape bug update
In-Reply-To: <199509220626.CAB16453@clark.net>
Message-ID: <199509221226.IAA03742@frankenstein.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain
I've decided that I'll pay Sameer for the shirt for Ray,
regardless.
However, if someone else produces the exploit first, they should get
one, too!
.pm
Ray Cromwell writes:
>
> I just verified in GDB using a stack trace that the Netscape overflow
> bug I mentioned is indeed a static stack buffer overflow. It trashes
> the stack.
>
> What this means is that in theory, it is possible to get a simple
> URL, if clicked on, to execute some code on someone's browser.
>
> Now the hard work begins...
>
>
> Happy Hacking,
> -Ray
>
>
Return to September 1995
Return to “Ray Cromwell <rjc@clark.net>”