Full Disclosure mailing list archives
IE sp2 and Mozilla Firefox DoS.
From: bipin gautam <visitbipin () yahoo com>
Date: Mon, 27 Dec 2004 10:25:07 -0800 (PST)
There is an issue with these browser rendering html's with long titles. Only Tested on: -------------- Internet Explorer(SP2): 6.0.2900.2180 Mozilla firefox: 1.0 Not affected: ------------- Mozilla Browser Have a look at, ___________________ <html> <head> <title> ....(put)3.5 MB OF data....... </html> ___________________ For IE beyond 1 Mb will just do fine. On execution, Mozilla Firefox starts filling up all the available system memory with 100% CPU use. Internet explorer renders 100% CPU use, but no system instability. (O; I've tested it on Windows XP SP2. Both Firefox & IE supports decompression method 'gzip' ie. an extended request header named HTTP_ACCEPT_ENCODING like HTTP_ACCEPT_ENCODING=gzip,deflate By this way, the file can be kept around few kilobytes in the server and delivered easily. I wonder, why such... simple issue went un-noticed to everyone for years... Bipin Gautam http://www.geocities.com/visitbipin/ http://www.nepsecure.tk __________________________________ Do you Yahoo!? The all-new My Yahoo! - Get yours free! http://my.yahoo.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- IE sp2 and Mozilla Firefox DoS. bipin gautam (Dec 27)
- RE: IE sp2 and Mozilla Firefox DoS. ALD, Aditya, Aditya Lalit Deshmukh (Dec 27)
- <Possible follow-ups>
- IE sp2 and Mozilla Firefox DoS. bipin gautam (Dec 29)