17 Dec
2003
17 Dec
'03
11:17 p.m.
I just verified in GDB using a stack trace that the Netscape overflow bug I mentioned is indeed a static stack buffer overflow. It trashes the stack. What this means is that in theory, it is possible to get a simple URL, if clicked on, to execute some code on someone's browser. Now the hard work begins... Happy Hacking, -Ray