[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Full-Disclosure] Re: some js code
- To: "Joseph Stone" <bubblor@xxxxxxxxx>, <full-disclosure@xxxxxxxxxxxxxxxx>
- Subject: [Full-Disclosure] Re: some js code
- From: "Berend-Jan Wever" <skylined@xxxxxxxxxxxxxxx>
- Date: Mon, 8 Nov 2004 08:14:08 +0100
This will recursively call a function again and again untill you've used up all
stack space: It's a stackoverflow DoS (NOT a bufferoverflow) it cannot be
exploited to elevate privilages.
Cheers,
SkyLined
----- Original Message -----
From: "Joseph Stone" <bubblor@xxxxxxxxx>
To: <skylined@xxxxxxxxxxxxxxx>
Sent: Monday, November 08, 2004 04:15
Subject: some js code
> i don't know whether it could be exploited, good luck
> ---------------------------------------------------
> <script language='javascript'>
> eval(y='try{eval(y)}catch(e){alert()}')
> </script>
> ---------------------------------------------------
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html