Closed Bug 1011684 Opened 10 years ago Closed 10 years ago

crash reported to Sec@

Categories

(Core :: DOM: Editor, defect)

defect
Not set
normal

RESOLVED DUPLICATE of bug 1005584

People

(Reporter: curtisk, Unassigned)

Details

(Whiteboard: [do not open before bug 1018486 is opened])

Attachments

(1 file)

Attached file poc.html
Date: Fri, 16 May 2014 18:33:07 +0000
From: Zef Cekaj <zef@exodusintel.com>
To: security@mozilla.org
Subject: Report
-----//-----

The attached POC crashes the firefox process referencing a no-longer
valid address.

Please give us a timeframe for patch when available.

Credit:
SkyLined, a researcher working with Exodus Intelligence
(https://www.exodusintel.com)
-- 
Zef Cekaj
Security Researcher
Exodus Intelligence LLC.
KeyID: 0xFB595AA1
4F57 45CC B00F F668 8411  8EBF 172A 5A52 FB59 5AA1

confirmed with crash ID bp-0f8fdebc-0522-41e9-89ae-056522140516
Status: UNCONFIRMED → NEW
Ever confirmed: true
Crash Signature: nsTextEditRules::CreateMozBR(nsIDOMNode*, int, nsIDOMNode**)
Ehsan, do we have any better editor owners these days?
Component: Security → Editor
Flags: needinfo?(ehsan)
No, but I think this is a dupe of bug 1005584.
Status: NEW → RESOLVED
Closed: 10 years ago
Flags: needinfo?(ehsan)
Resolution: --- → DUPLICATE
Ehsan, could you please cc me on bug 1005584?
(In reply to SkyLined from comment #5)
> Ehsan, could you please cc me on bug 1005584?

I've added you to the cc list
Can you cc me as well.
(In reply to zef from comment #7)
> Can you cc me as well.

Done.
Group: core-security → core-security-release
Whiteboard: [do not open before bug 1018486 is opened]
Group: core-security-release