Opera: http://securitytracker.com/alerts/2004/Oct/1011811.html Mozilla: http://securitytracker.com/alerts/2004/Oct/1011810.html Lynx: http://securitytracker.com/alerts/2004/Oct/1011809.html Links: http://securitytracker.com/alerts/2004/Oct/1011808.html Others http://securitytracker.com/archives/category/121.html
These crashes are probably not exploitable, but better safe than sorry, we'll track them here.
Mozilla bug: https://bugzilla.mozilla.org/show_bug.cgi?id=264944
Firefox is fixed in version 1.0, according to http://www.squarefree.com/burningedge/releases/1.0.html
Links is fixed in 1.00pre12, according to http://artax.karlin.mff.cuni.cz/~mikulas/links/download/ChangeLog : Fixed bugs discovered with mangleme: http://lcamtuf.coredump.cx/mangleme/mangle2.cgi memory leak with nested <select multiple name=n> tags integer overflow in frame widths causes an internal error internal error with base url only containing // fixed incorrect generating of title (does not cause crash, but excessive memory allocation)
Lynx doesn't look fixed as of 2004-11-07 (2.8.6dev.8) see http://lynx.isc.org/current/CHANGES
Opera doesn't look fixed as of 7.60 Preview 3 Build 862 (November 15, 2004) See http://snapshot.opera.com/unix/
>------- Additional Comment #5 From Koon 2004-11-24 08:28 PST ------- > >Lynx doesn't look fixed as of 2004-11-07 (2.8.6dev.8) >see http://lynx.isc.org/current/CHANGES * limit TEXTAREA columns to the screen width, and rows to 3 times the screen height (report by FLWM) -TD
These are bugs rather than security issues, and most browsers fixed them. Closing, please reopen if you disagree (like, if you think/prove those crashes are exploitable).