| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 08 Sep 2008 13:43:36 -0400 From: Mike Duncan <Mike.Duncan@...a.gov> To: rotem@...sec.com Cc: bugtraq@...urityfocus.com Subject: Re: Chrome(0.2.149.27) title(not the tag) Denial of Service(Freeze) exploit -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I could not duplicate this with either Chrome or Safari (which also uses WebKit). I am using WinXP SP3 and Chrome v0.2.149.27 build 1538. I wonder if this is instead an issue with your Windows installation rendering the tool-tip for the title (which is default with browsers using WebKit). I tried varying values all the way up to 2147483647. Of course, the script running these high values would take a long time to complete the loop -- but that is to be expected. Mike Duncan ISSO, Application Security Specialist Government Contractor with STG, Inc. mike.duncan@...a.gov Rotem Kerner wrote: | a vulnerability was found which allow a remote attacker to freeze the | users browser | by convincing him to visit a malicious web page | | Chrome(0.2.149.27) Denial of Service(Freeze) exploit poc: | http://www.blackhat.org.il/exploits/chrome-freeze-exploit.html | | Exodus. | | | -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD4DBQFIxWRHnvIkv6fg9hYRAnUqAJdM1yO2L0MoUJcM8rbKCjkHQ1EzAKCQZaEh OhKfgPnoocKhaz/ILWRBxw== =18Pq -----END PGP SIGNATURE-----
Powered by blists - more mailing lists