Back to list
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Announcing cross_fuzz, a potential 0-day in circulation, and more
Jan 01 2011 10:02AM
Michal Zalewski (lcamtuf coredump cx)
== SUMMARY ==
I am happy to announce the availability of cross_fuzz - an amazingly
effective but notoriously annoying cross-document DOM binding fuzzer that
helped identify about one hundred bugs in all browsers on the market - many
of said bugs exploitable - and is still finding more.
[ more ]
Copyright 2010, SecurityFocus