<<< Date Index >>>     <<< Thread Index >>>

Re: Opera 9 DoS PoC



On Wed, 21 Jun 2006 14:21:08 -0300, "Bruno Lustosa"
<bruno.lists@xxxxxxxxx> said:
> On 21 Jun 2006 03:39:09 -0000, N9@xxxxxxxxxxx <N9@xxxxxxxxxxx> wrote:
> > Details:
> >
> > Vulnerability can be exploited by using a large value in a href tag to 
> > create an out-of-bounds memory access.
> >
> > Proof Of Concept DoS exploit:
> >
> > http://www.critical.lt/research/opera_die_happy.html
> 
> Interesting enough, clicking on that link under Firefox 1.5.0.4 made
> it hang for about 20 seconds, consuming 100% cpu time.
> Probably not a vulnerability, although it could be "exploited" to annoy
> users.

Under Netscape 8.1 the link did nothing using the Firefox rendering
engine. However, when using the Internet Explorer rendering engine
an error window comes up;
Microsoft Visual C++ Debug Library: Debug Assertion Failed!
It has three buttons; Abort, Retry and Ignore.
Hitting Abort or Retry crashes the browser while Ignore closes the
window and nothing further happens.
-- 
  Eric Furman
  ericfurman@xxxxxxxxxxxx