[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] Computer Terrorism Security Advisory (Reclassification) - Microsoft Internet Explorer JavaScript Window() Vulnerability
- To: securityadvisory <securityadvisory@xxxxxxxxxxxxxxxxxxxxx>, full-disclosure@xxxxxxxxxxxxxxxxx
- Subject: Re: [Full-disclosure] Computer Terrorism Security Advisory (Reclassification) - Microsoft Internet Explorer JavaScript Window() Vulnerability
- From: Daniel Veditz <dveditz@xxxxxxxxxx>
- Date: Tue, 22 Nov 2005 08:57:06 -0800
Toufeeq Hussain wrote:
>> Security Advisory (Reclassification) :: CT21-11-2005
>> -----------------------------------------------------
>>
>> Title: Microsoft Internet Explorer JavaScript Window()
>> Vulnerability
>
> Is it just me or did this exploit just DOS'ed my Firefox 1.0.7(Debian
> Linux).
> Just try the Windows XP Link given in the POC URL.
> Firefox just hung with 100% CPU utilization.
This does DOS Firefox (and the Mozilla Suite), tracked at
https://bugzilla.mozilla.org/show_bug.cgi?id=317334
The problem appears to be related to trying to reflow Bi-directional
text, we've chunked the 200K character prompt dialog into 66K internal
chunks and appear to have a really sucky algorithm for doing so.
Eventually Firefox will show the prompt dialog and continue on normally
(where eventually can be up to a couple of minutes).
-Dan Veditz
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/