[Sigia-l] Integrated online thesauri

Dwayne King dking at pinpointlogic.com
Thu Oct 28 11:06:06 EDT 2004 

It's official, I will NEVER recommend user postings on a web site to 
clients. Benjamin's post is a perfect example of the problems 
associated with that. It's now been reported that a Web site focused on 
security declared that all browsers but IE are unstable. In fact, it's 
a post to BugTraq from http://lcamtuf.coredump.cx/.

The post starts off:

"I wanted to file a vague report a couple of potentially exploitable
vulnerabilities and DoS conditions in popular browsers, announce a 
useful
web browser testing tool, and stir some controversy - all in one short
post. Let me know how I doing."


The crashes happen when he runs a program with malformed html that 
refreshes over and over again. My problem isn't really what was said 
per se, it's that by reading the post without looking into it, I would 
think that according to SecurityFocus.com IE is the only stable browser 
  - Neither of which are true.


Dwayne

On Oct 27, 2004, at 5:05 PM, Boniface Lau wrote:

>
>> From: Benjamin Kahn
>>
>> Bleh. That web site renders horribly on Firefox. I don't usually see
>> too many web sites that are public facing that are so IE specific.
>
> The layout is extremely fragile. It uses a bunch of breaks to ensure
> that the body text does not run into the black banner. But due to an
> CSS error, when the page is rendered in Firefox, the black banner ran
> into the top navigation bar and search box. IE's error handling did
> not screw up the layout.
>
> BTW, according to:
>
> http://www.securityfocus.com/archive/1/378632/2004-10-15/2004-10-21/0
>
> when feeding malformed html pages to various browsers...
>
> MF> All browsers but Microsoft Internet Explorer kept crashing on a
> MF> regular basis due to NULL pointer references, memory corruption,
> MF> buffer overflows, sometimes memory exhaustion;
>
>
> Boniface
>
> ------------
> When replying, please *trim your post* as much as possible.
> *Plain text, please; NO Attachments
>
> Searchable list archive:   http://www.info-arch.org/lists/sigia-l/
> ________________________________________
> Sigia-l mailing list -- post to: Sigia-l at asis.org
> Changes to subscription: http://mail.asis.org/mailman/listinfo/sigia-l
>

More information about the Sigia-l mailing list