Full Disclosure mailing list archives
Re: IE sp2 and Mozilla Firefox DoS.
From: phased <phased () mail ru>
Date: Tue, 28 Dec 2004 17:51:09 +0300
Probably because there is a simple solution, close the browser, end of problem. -----Original Message----- From: bipin gautam <visitbipin () yahoo com> To: full-disclosure () lists netsys com Date: Mon, 27 Dec 2004 10:24:14 -0800 (PST) Subject: [Full-disclosure] IE sp2 and Mozilla Firefox DoS.
There is an issue with these browser rendering html's with long titles. Only Tested on: -------------- Internet Explorer(SP2): 6.0.2900.2180 Mozilla firefox: 1.0 Not affected: ------------- Mozilla Browser Have a look at, ___________________ <html> <head> <title> ....(put)3.5 MB OF data....... </html> ___________________ For IE beyond 1 Mb will just do fine. On execution, Mozilla Firefox starts filling up all the available system memory with 100% CPU use. Internet explorer renders 100% CPU use, but no system instability. (O; I've tested it on Windows XP SP2. Both Firefox & IE supports decompression method 'gzip' ie. an extended request header named HTTP_ACCEPT_ENCODING like HTTP_ACCEPT_ENCODING=gzip,deflate By this way, the file can be kept around few kilobytes in the server and delivered easily. I wonder, why such... simple issue went un-noticed to everyone for years... __________________________________ Do you Yahoo!? Send holiday email and support a worthy cause. Do good. http://celebrity.mail.yahoo.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: IE sp2 and Mozilla Firefox DoS. morning_wood (Jan 05)
- <Possible follow-ups>
- Re: IE sp2 and Mozilla Firefox DoS. phased (Jan 06)
- Re: IE sp2 and Mozilla Firefox DoS. Sebastian Dietz (Jan 06)
- RE: IE sp2 and Mozilla Firefox DoS. bipin gautam (Jan 06)