oss-sec mailing list archives
CVE request for browser IFRAME/file download DoS
From: Kurt Seifried <kurt () seifried org>
Date: Sat, 3 Jul 2010 23:18:07 -0600
Denial of service in various browsers: http://seclists.org/fulldisclosure/2010/Jul/69 Basically it opens a lot of iframes that point to a file download/run location, you get endlessly spammed with run/save/cancel, in the case of affected web browsers they become non-responsive and you need to kill them using task manager/etc. Affected Firefox 3.6.4 IE 8 Safari 5.0 (7533.16) Not affected: Chrome 5/6 Opera 10 -- Kurt Seifried kurt () seifried org tel: 1-703-879-3176
Current thread:
- CVE request for browser IFRAME/file download DoS Kurt Seifried (Jul 04)
- Re: CVE request for browser IFRAME/file download DoS Josh Bressers (Jul 06)