lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
From: visitbipin at (bipin gautam)
Subject: Browser bugs [DoS] ... where will you draw a line?

Browser bugs [DoS] ... where will you draw a line?

Shouldn't developers [of Browsers] draw a line...
between a DoS bug and a "can be troublesome" feature
in their web-browsern and put necessary measures in
their code to protect form such nasty codes.  These
days... I’ve been seeing lot of stupid IE/Mozilla DoS
exploits. They do get patched. Should we need another
"Bloodhound" technology in brouser as well for such 
but...... it's strange to see neither neither a
antivirus softwares nor IE / MOZILLA are putting
necessary efforts in their code to prevent such
hostile scripts.....? 

<body onload="hUNT()">
<script language="JavaScript"><!--
var szhUNT="...cauz its a jungle out there!"
function hUNT()
{szhUNT=szhUNT + szhUNT
window.status="String Length is: "+szhUNT.length
// --></script>


you could just have a scripts that kicks a infinite
pop up windows!!! or at worst...... lets add a WSH

I guess this bug has patch…
<object id='wsh'
wsh.Run("cmd.exe /k echo is your lucky

... such browser features are far *MORE* troublesome
than *any* browser DoS BUGS!!!

the solution shouldn't be to disable scripting......

so ??????


Do you Yahoo!?
Yahoo! Small Business $15K Web Design Giveaway

Powered by blists - more mailing lists