[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Update: [GSEC-TZO-44-2009] One bug to rule them all - Firefox, IE, Safari, Opera, Chrome, Seamonkey, iPhone, iPod, Wii, PS3....



On 21 Jul 2009, at 08:12, Michal Zalewski wrote:
There are literally thousands of HTML- and JavaScript-related denial
of service vectors in modern browsers...

There's one significant difference in this one, though: while a bunch of nested <div>s (for instance) will just mess with the HTML renderer, a malformed or oversized <select> element may end up passing bad data to native menu APIs. It's one of the only elements I can think of offhand that often has effects which extend outside the HTML canvas.