-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 p4.werterxyz@xxxxxxxxx wrote: > test2: > http://werterxyz.altervista.org/test2.html > http://geocities.com/werterxyz/test2.html * Mozilla claims this is a security bug with normal severity. https://bugzilla.mozilla.org/show_bug.cgi?id=334341 * Secunia classify this as a not critical security bybass. http://secunia.com/advisories/19698/ * Some days ago yesn@xxxxxxxx claimed that this was a "code execution exploit". (LOL) * Now this guy claims this is a "Denial of Service". (ROTFL) Maybe someone should explain this people which is the differences between a security threat, an application bug, and an expected behaviour. This is a DoS as the following. I found a new denial of service vulnerability in Windows CMD.EXE that affects all Windows versions that have the CMD.EXE executable. The user must execute a new shell and write this text followed by the Enter button: for /l %i in (1,1,10000) do explorer.exe - -- Flavio Visentin GPG Key: http://www.zipman.it/gpgkey.asc There are only 10 types of people in this world: those who understand binary, and those who don't. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (GNU/Linux) iD8DBQFEYnKhusUmHkh1cnoRAiHcAJ0aA9n+kFBSuP3De6zdZBDTwBI+YgCeI3fb n2QLWmC7JxAwEmR+lPWcLIU= =I+Iu -----END PGP SIGNATURE-----
