-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
[ Flock 2.5.2 Remote Array Overrun (Arbitrary code execution) ]
Author: Maksymilian Arciemowicz and sp3x
http://SecurityReason.com
Date:
- - Dis.: 07.05.2009
- - Pub.: 11.12.2009
======================================================================
Flock web browser v2.5.6 (Remote Memory Corrupt) Crash Exploit
======================================================================
> users?
There have been cases and quite a few.
My first thoughts were about Word Perfect. Actually it is just a
representative of a wider class of apps there. The semantics of locking
on Windows and Unix differ and when apps get ported (especially using a
toolkit) people do not account for the advisory nature of Unix flock().
As a result files that were reasonably safe in the original environment
due to OS-level exclusive locking stop being so on the Unix port.
- - Mozilla Sunbird
- - Mozilla Camino
- - KDE (example: konqueror)
- - Opera
- - K-Meleon
- - F-Lock
This list is not yet closed.
- --- 4. Fix ---
NetBSD fix (optimal):
- - Mozilla Sunbird
- - Mozilla Camino
- - KDE (example: konqueror)
- - Opera
- - K-Meleon
- - F-Lock
- - MatLab
- - J
This list is not yet closed.
FreeBSD project has fixed this issue (state 2010-01-05) only in