5161724 2000-06-05  04:19  /41 rader/ Postmaster
Mottagare: Bugtraq (import) <11155>
Ärende: buffer overflow in netscape
------------------------------------------------------------
Approved-By: aleph1@SECURITYFOCUS.COM
Delivered-To: bugtraq@lists.securityfocus.com
Delivered-To: bugtraq@securityfocus.com
X-Sender: pierric@zion.local.net
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-ID:  <Pine.LNX.4.04.10006041315370.27780-100000@zion.local.net>
Date:         Sun, 4 Jun 2000 13:28:13 +0200
Reply-To: linux freak <XSFX@LINUXFREAK.COM>
Sender: Bugtraq List <BUGTRAQ@SECURITYFOCUS.COM>
From: linux freak <XSFX@LINUXFREAK.COM>
To: BUGTRAQ@SECURITYFOCUS.COM

software used: Netscape Communicator 4.73 on Linux 2.2.14
with Shockwave Flash 4.0 r12

today, while browsing
http://www.epiccenter.com/EpicCenter/custom/260/frame.html,
something strange happened: my netscape crashed (well, it's not that
strange :) and libsafe reported this:

=====================================================================
Jun  4 13:16:58 zion libsafe.so[27786]: version 1.3
Jun  4 13:16:58 zion libsafe.so[27786]: detected an attempt to write
across stack boundary.
Jun  4 13:16:58 zion libsafe.so[27786]: terminating
/usr/local/netscape/netscape
Jun  4 13:16:58 zion libsafe.so[27786]: overflow caused by memcpy()
=====================================================================

and I can reproduce it. I doubt the site in cause is evil... must be
netscape or shockwave's fault

can you reproduce it ?

N: please excuse my bad english, I'm french.. and I'm learning dvorak :)

--
Turn the other cheek and I'll break your fuckin chin
                                                          0x68839421 [PGP]
                                                            26995402 [ICQ]
(5161724) ------------------------------------------