[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Opera 9 DoS PoC

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: Opera 9 DoS PoC
From: "Bruno Lustosa" <bruno.lists@xxxxxxxxx>
Date: Wed, 21 Jun 2006 14:21:08 -0300

On 21 Jun 2006 03:39:09 -0000, N9@xxxxxxxxxxx <N9@xxxxxxxxxxx> wrote:

Details:

Vulnerability can be exploited by using a large value in a href tag to create 
an out-of-bounds memory access.

Proof Of Concept DoS exploit:

http://www.critical.lt/research/opera_die_happy.html


Interesting enough, clicking on that link under Firefox 1.5.0.4 made
it hang for about 20 seconds, consuming 100% cpu time.
Probably not a vulnerability, although it could be "exploited" to annoy users.

--
Bruno Lustosa <bruno@xxxxxxxxxxx>
http://www.lustosa.net/

Follow-Ups:
- Re: Opera 9 DoS PoC
  - From: Bastian Ahrens
- Re: Opera 9 DoS PoC
  - From: Eric Furman

References:
- Opera 9 DoS PoC
  - From: N9

Prev by Date: Re: PHP security (or the lack thereof)
Next by Date: WBB<<---v2.0 RC2 "newthread.php" SQL Injection
Previous by thread: Opera 9 DoS PoC
Next by thread: Re: Opera 9 DoS PoC
Index(es):
- Date
- Thread