| Summary: | HTML crashes Opera, Mozilla, Lynx, Links, and more | ||
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Lisa Seelye (RETIRED) <lisa> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | ||
| Severity: | major | ||
| Priority: | High | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | All | ||
| Whiteboard: | A2? [upstream] koon | ||
| Package list: | Runtime testing required: | --- | |
|
Description
Lisa Seelye (RETIRED)
2004-10-22 14:47:47 UTC
These crashes are probably not exploitable, but better safe than sorry, we'll track them here. Mozilla bug: https://bugzilla.mozilla.org/show_bug.cgi?id=264944 Firefox is fixed in version 1.0, according to http://www.squarefree.com/burningedge/releases/1.0.html Links is fixed in 1.00pre12, according to http://artax.karlin.mff.cuni.cz/~mikulas/links/download/ChangeLog : Fixed bugs discovered with mangleme: http://lcamtuf.coredump.cx/mangleme/mangle2.cgi memory leak with nested <select multiple name=n> tags integer overflow in frame widths causes an internal error internal error with base url only containing // fixed incorrect generating of title (does not cause crash, but excessive memory allocation) Lynx doesn't look fixed as of 2004-11-07 (2.8.6dev.8) see http://lynx.isc.org/current/CHANGES Opera doesn't look fixed as of 7.60 Preview 3 Build 862 (November 15, 2004) See http://snapshot.opera.com/unix/ >------- Additional Comment #5 From Koon 2004-11-24 08:28 PST ------- > >Lynx doesn't look fixed as of 2004-11-07 (2.8.6dev.8) >see http://lynx.isc.org/current/CHANGES * limit TEXTAREA columns to the screen width, and rows to 3 times the screen height (report by FLWM) -TD These are bugs rather than security issues, and most browsers fixed them. Closing, please reopen if you disagree (like, if you think/prove those crashes are exploitable). |