lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <4C051265.1050207@gmail.com>
Date: Wed, 02 Jun 2010 00:00:05 +1000
From: Laurent Gaffie <laurent.gaffie@...il.com>
To: MustLive <mustlive@...security.com.ua>, full-disclosure@...ts.grok.org.uk
Subject: Re: DoS vulnerability in Internet Explorer

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Sorry Mustlive,
i understand you need to see this in clear text finaly.
I guess ascii is the best to communicate with you;


Hello Full-Disclosure!

I want to warn you about a Denial of Service in every browser finaly !!!

It actually affect every browser with a javascript engine  build in !!!

Adobe may be vulnerable to !!!!

PoC :

<html>
<head><title>0n0z</title></head>
<body>
<script type="text/javascript">
for (i=0;i<65535;i++) {
alert('0n0z mustlive got you, now you're fucked, the only solution is
to restart your browser or be faster than JS !!!');
}
</script>
</body>
</html>


Greetz to Mustlive@...ap.com.ua

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJMBRJkAAoJEEESJ0AJ05HwJpYQAI84bDG8fNbq4lYjomqD3+Wf
29VzhaQt39FF2ERwh7sDYkc5wdw/DWfAC5SpwdVtr/0wDW0dyZV36RfJyUixysce
weKx5wztjjwzk4yQF61v8DXz7MEWLhuYv9fTGcw9LKpnDm9/Z0YZ6ObKp8dE9A11
1E4xzAByLYpEdTQyxosMsJ336oJgTc3NrjDiPJGoxOb65epLlc07aEaP7ZA7jE/J
i+M0ukNl8CKAryGs8DhDf+5fkJf1wcqOUoxK4mJ4nPe0IhhoQ+FUizB04E7MpK8P
OisvgW8I6tdGurJTfux14Jj6NZXBuL0ww65e3vfgOrm8WRtKPrbwiRd1nk8NqsCC
Nz5UBxEr32YhEUdgoXPj8ZleBbvLL0z0PVoRtbBSyKABih8OUwPMUpa0WkpMno+x
gcG7vmO/bIr5wEjRGlK9NglCMqKNWzRk2f03KGIM2MMetB7KLvR/Kir3rL2n8a4k
nLj/EYRm4orHzIDtR/Fr8LixJPr1wwpi53OOPJEcpjDvud4sOKcfUPSb7cckc7wQ
vBPCNjPZ1D8V3GzJhE7+NHVVl8wUDwKodu0ejDmzJ2K7L1nLDiI9GStA8Xof98ne
4ZBLA3lCRsbcYDdE0cvqwMa+xyx7KUcMy5M8vimyTGpIhnFF2+ScdFgFzrDIEtNH
g+1w9Kvgr12i+aEmD2Me
=v3oL
-----END PGP SIGNATURE-----


Download attachment "0x09D391F0.asc" of type "application/pgp-keys" (3129 bytes)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ