| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: kf_lists at secnetops.com (kf_lists) Subject: magic trick ... voila 100% cpu The JavaScript is supposed to open up the M$ office assistant (the wizard)... make him act surprised and then have him crash your web browser due to the very long line of text he is trying to "say". On windows boxen this should cause agentsvr.exe to take up 100% of the CPU... I have only been able to test TB 0.6 (20040503) on Suse 9.1 in regards to the X windows crash... I had no luck reproducing it. Anyone else having X crashes because of this? -KF > > whatever the JS code in your attachement does - at least it crashes my > Mozilla Thunderbird (version 0.7.1 (20040715)) when i tries to display > the attachment inline. oh, not only TB crashes, but my Gnome display > manager crashes too and takes the whole X11 session down: > > gconfd (evil-8530): Signal 15 received, shutdown > gdm[8021]: gdm_slave_xioerror_handler: heavy X-error - :0 will be > restarted > (messages appear in german here, "translated" for the list) > > this is debian/unstable, linux 2.6.8-rc4 (latest -BK), gdm is version > 2.6.0.3, XFree86-4.3.0. i guess it's time to bugzilla something.... > > Thanks, > Christian. > -- > BOFH excuse #266: > > All of the packets are empty. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists