(dan.j.rosenberg@gmail.com).
==Timeline==
3/04/10 - Initial report to downstream distribution
5/11/10 - Anonymous researcher discloses first issue
5/11/10 - Disclosure
==References==
CVE identifier CVE-2010-1869 has been assigned to the first issue.
and isn't a big deal or a vulnerability (here's lookin at you, Secunia). If
this is how web browsers are supposed to behave, all you security people have
got a heap o trouble to look forward to.
If ya'll want to hear more about this technique and get more example codes,
you can check out the first issue of http://plzadvise.com/ PLZ advise, out
May-ish. There will be a more substantial paper there.
With love,
Goatse Security
==Credits==
These vulnerabilities were discovered by Dan Rosenberg
(dan.j.rosenberg@gmail.com).
Thanks to Vitezslav Crhonek for the patch against the first issue.
==References==
CVE identifiers CVE-2010-0788, CVE-2010-0790, and CVE-2010-0791 have been
assigned to these issues.
