[COMP] Security: Netscape v4.73 and below

• To: computers@xxxxxxxxxxxxxx
• Date: Fri, 28 Jul 2000 18:37:51 -0500

Just a note: Netscape v4.73 and earlier contains a really strange bug. 
Apparently, it's possible to embed code within JPEG images that Netscape
actually *executes* on your system because of it mis-handling its rendering of
the image.  It crashes, and on the way down, executes whatever's in the image.  

I haven't heard a lot about this at the usual security places, so I thought I'd
pass it on here.  I'm not sure how (or if) this affects Windows users,
but it's certainly a Unix issue.  Netscape v4.74 is available from Netscape's
FTP site.  

Btw, this may also contain a fix for the SSL holes Netscape's had for awhile.  

John


-- 
# John Madden  weez@xxxxxxxxxxxxxx ICQ: 2EB9EA
# Sys-Admin / Webmaster, Avenir Web: http://avenir.dhs.org
# LANdb: Network Admin Database - http://avenir.dhs.org/landb/
# NCPweb: Web-based frontend to ncpfs - http://avenir.dhs.org/ncpweb/
# Linux, Apache, Perl and C: All the best things in life are free!

========================================
Avenir Web's Computers Mailing List

List Modes, Subscription, and General Info:
Go to http://avenir.dhs.org/mailing.html
List Archives: http://avenir.dhs.org/archives/
Administrative Contact: weez@xxxxxxxxxxxxxx

Get computer help: http://avenir.dhs.org
========================================

• Follow-Ups:
  • [COMP] Re: Security: Netscape v4.73 and below
    • From: computers

Other related posts:

• » [COMP] Security: Netscape v4.73 and below
• » [COMP] Re: Security: Netscape v4.73 and below
• » [COMP] Re: Security: Netscape v4.73 and below

• » Related posts
• » Previous by Date
• » Next by Date
• » This Month's Archive
• » Main Archive Page

• » View list details
• » Manage your subscription