[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <1151176725.7402.264579388@webmail.messagingengine.com>
Date: Sat, 24 Jun 2006 15:18:45 -0400
From: "Eric Furman" <ericfurman@...tmail.net>
To: bugtraq@...urityfocus.com
Subject: Re: Opera 9 DoS PoC
On Wed, 21 Jun 2006 14:21:08 -0300, "Bruno Lustosa"
<bruno.lists@...il.com> said:
> On 21 Jun 2006 03:39:09 -0000, N9@...tical.lt <N9@...tical.lt> wrote:
> > Details:
> >
> > Vulnerability can be exploited by using a large value in a href tag to create an out-of-bounds memory access.
> >
> > Proof Of Concept DoS exploit:
> >
> > http://www.critical.lt/research/opera_die_happy.html
>
> Interesting enough, clicking on that link under Firefox 1.5.0.4 made
> it hang for about 20 seconds, consuming 100% cpu time.
> Probably not a vulnerability, although it could be "exploited" to annoy
> users.
Under Netscape 8.1 the link did nothing using the Firefox rendering
engine. However, when using the Internet Explorer rendering engine
an error window comes up;
Microsoft Visual C++ Debug Library: Debug Assertion Failed!
It has three buttons; Abort, Retry and Ignore.
Hitting Abort or Retry crashes the browser while Ignore closes the
window and nothing further happens.
--
Eric Furman
ericfurman@...tmail.net
Powered by blists - more mailing lists