Closed Bug 288685 Opened 20 years ago Closed 20 years ago

Access to memory (cache?) possible through regex manipulation

Categories

(Core :: JavaScript Engine, defect)

Product:
Core
Component:
JavaScript Engine
Platform:
x86
Windows 2000
Type:
defect
Priority:
Not set
Severity:
critical

Tracking

()

Status:
VERIFIED DUPLICATE of bug 288688

People

(Reporter: Gavin, Unassigned)

References

(
URL
)

Details

(Whiteboard: [sg:dupe 288688])

Some strange results appear when visiting the URL, and it's possible to see what appears to be some chrome code and contents of other pages, seemingly from the cache, if you refresh the page enough. Whatever it is that's going on, it doesn't seem right from looking at the code. IE shows no such behavior. Happens in Mozilla and Firefox branch builds, I'm not able to currently test the trunk because I'm at work. Although the testcase is publically available, marking security sensitive for review from the security group, and apologies if this is a dupe.
Reproducable on latest Firefox trunk as well as 1.0.2 release. Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.8b2) Gecko/20050401 Firefox/1.0+ Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7.6) Gecko/20050327 Firefox/1.0.2
Version: 1.7 Branch → Trunk
Apologies, I've found a reference to bug 288608 at http://cubic.xfo.org.ru/index.cgi?read=53529, and although I can't access it, I assume that this is a dupe of it. Can I be CC'ed on that bug?
*** This bug has been marked as a duplicate of 288688 ***
Status: NEW → RESOLVED
Closed: 20 years ago
Resolution: --- → DUPLICATE
Status: RESOLVED → VERIFIED
Whiteboard: [sg:dupe 288688]
unhiding, since bug 288688 (dupe target) is open, and the bug is public.
Group: security
You need to log in before you can comment on or make changes to this bug.