[39842] in Cypherpunks
Netscape bug update
daemon@ATHENA.MIT.EDU (Ray Cromwell)
Fri Sep 22 02:28:17 1995
From: Ray Cromwell <rjc@clark.net>
To: cypherpunks@toad.com
Date: Fri, 22 Sep 1995 02:26:34 -0400 (EDT)
I just verified in GDB using a stack trace that the Netscape overflow
bug I mentioned is indeed a static stack buffer overflow. It trashes
the stack.
What this means is that in theory, it is possible to get a simple
URL, if clicked on, to execute some code on someone's browser.
Now the hard work begins...
Happy Hacking,
-Ray
