Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

so, uh anyone else sense a zero day exploit? <a href="File:///<insert code here>">click me</a>... not saying that will work, but usually if you can hard crash something you just found some corruption in memory maybe bad use of memcpy, sprintf instead of snprintf... something along those lines...


Highly unlikely. If you look at the backtrace, it's dying on an assert, not some random memory dereference.


Seems to work in email though: http://news.ycombinator.com/item?id=5154915


A remote DoS isn't remote code execution, but it's still an exploit.




Consider applying for YC's Winter 2026 batch! Applications are open till Nov 10

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: