lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
From: kang at insecure.ws (kang@...ecure.ws) Subject: safari dos Original is here: http://www.insecure.ws/article.php?story=20031122012748282 Safari will never exit a loop in javascript. Since javascript isn't executed in a thread, this cause a DoS (Safari crashes). Firebird has been tested and is not vulnerable. I don't know about other browers on MacOSX, but they are probably not vulnerable. (OmniWeb?) /As usual, read more for exploit/explanation/ ---------- |Adv: safari_0x02 Release Date: 22/11/03 Affected Products: Safari =< 1.1.1 Impact: Denial of Service Severity: Remote, low Author: kang, kang@...ecure.ws | A very simple javascript block like this one: while (true) { document.location "sherlock://com.apple.movies?" } is enought to lock up Safari, effectivly DoSing it. Notice that you must call a protocol helper in the loop, here I'm calling Sherlock. Otherwise, the loop is aborted and Safari functions normally. There is no fix available yet. Vendor has been informed.
Powered by blists - more mailing lists