|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Andrew Farmer (andfarm
gmail.com)
Date: Wed Jul 22 2009 - 00:32:29 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On 21 Jul 2009, at 08:12, Michal Zalewski wrote:
> There are literally thousands of HTML- and JavaScript-related denial
> of service vectors in modern browsers...
There's one significant difference in this one, though: while a bunch
of nested <div>s (for instance) will just mess with the HTML renderer,
a malformed or oversized <select> element may end up passing bad data
to native menu APIs. It's one of the only elements I can think of
offhand that often has effects which extend outside the HTML canvas.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]