[2368] in Release_7.7_team
Netscape 4.73 security vulnerability
daemon@ATHENA.MIT.EDU (Thomas Bushnell, BSG)
Mon Jul 31 15:46:09 2000
To: release-team@MIT.EDU, infoagents@MIT.EDU
From: tb@MIT.EDU (Thomas Bushnell, BSG)
Date: 31 Jul 2000 15:46:01 -0400
Message-ID: <u1hvgxm13t2.fsf@alice-whacker.mit.edu>
Netscape 4.73 has a serious security problem which has been widely
announced to the world. I believe it is incumbent on us to install
and switch to Netscape 4.74 as soon as possible--no more than one week
delay, in my opinion, maybe faster.
As it is described by Red Hat:
Netscape's processing of JPEG comments trusted the length parameter
for comment fields; by manipulating this value, it would be possible
to cause netscape to read in an excessive amount of data, overwriting
memory. Specially designed data could allow a remote site to execute
arbitrary code as the user of netscape.
This vulnerability is fixed in Netscape 4.74.
Thomas
