Semisecure Login is not enabled!
March 20, 2012
I was wondering if someone could help me with this. I'm trying to understand a vulnerability in firefox 10.0.2. The following link contains my questions. http://pastebin.com/XZcaJZYv
April 18, 2012
Hello bashed, hello Corelan-Forum!
I too am curious about the firefox array.join("") problem, but I wasn't able to find much about it (neither further info on the internet nor clear indications in the code). In particular, I was wondering if it is certain that the root of the problem is found in array_join and not in, say array_toString_sub? Couldn't the change from js_ValueToString() to ToString() in array_join just be an optimization?
Also, how would you clear the string in (the replaced) String.prototype.toString? You couldn't just delete it, since function-arguments can't be deleted in js.
Sorry for bringing more questions and no answers, but maybe it helps to sparking a discussion…
Most Users Ever Online: 91
Currently Browsing this Page:
Guest Posters: 1
Newest Members: ysf, Zerk, funny_bmt_91, garbage
Moderators: Peter Van Eeckhoutte (2942)
Administrators: Peter Van Eeckhoutte (2942)