Log In
Register
Semisecure Login is not enabled!
Please enable JavaScript and use a modern browser to ensure that your password is encrypted.
Home
Topic RSS
Related Topics
03:03
Newbie
March 20, 2012
Offline
Hey,
I was wondering if someone could help me with this. I'm trying to understand a vulnerability in firefox 10.0.2. The following link contains my questions. http://pastebin.com/XZcaJZYv
23:19
Newbie
April 18, 2012
Offline
Hello bashed, hello Corelan-Forum!
I too am curious about the firefox array.join("") problem, but I wasn't able to find much about it (neither further info on the internet nor clear indications in the code). In particular, I was wondering if it is certain that the root of the problem is found in array_join and not in, say array_toString_sub? Couldn't the change from js_ValueToString() to ToString() in array_join just be an optimization?
Also, how would you clear the string in (the replaced) String.prototype.toString? You couldn't just delete it, since function-arguments can't be deleted in js.
Sorry for bringing more questions and no answers, but maybe it helps to sparking a discussion…
Best regards,
Ihn
Most Users Ever Online: 91
Currently Online:
7 Guest(s)
Currently Browsing this Page:
1 Guest(s)
Top Posters:
mr_me: 313
Lincoln: 198
rick2600: 181
redsees: 179
Member Stats:
Guest Posters: 1
Members: 11600
Moderators: 1
Admins: 1
Forum Stats:
Groups: 3
Forums: 54
Topics: 989
Posts: 6265
Newest Members: ysf, Zerk, funny_bmt_91, garbage
Moderators: Peter Van Eeckhoutte (2942)
Administrators: Peter Van Eeckhoutte (2942)
