|
|
BugTraq
Chrome(0.2.149.27) title(not the tag) Denial of Service(Freeze) exploit Sep 08 2008 02:41PM Rotem Kerner (rotem bugsec com) (3 replies) Re: Chrome(0.2.149.27) title(not the tag) Denial of Service(Freeze) exploit Sep 08 2008 10:51PM Razi Shaban (razishaban gmail com) Re: Chrome(0.2.149.27) title(not the tag) Denial of Service(Freeze) exploit Sep 08 2008 09:50PM Wellington Wagner F. Sarmento (wwagner33 gmail com) (1 replies) Re: Chrome(0.2.149.27) title(not the tag) Denial of Service(Freeze) exploit Sep 09 2008 08:08AM Rotem Kerner (rotem bugsec com) (1 replies) Re: Chrome(0.2.149.27) title(not the tag) Denial of Service(Freeze) exploit Sep 09 2008 06:16PM Mike Duncan (Mike Duncan noaa gov) |
|
Privacy Statement |
Hash: SHA1
I could not duplicate this with either Chrome or Safari (which also uses
WebKit). I am using WinXP SP3 and Chrome v0.2.149.27 build 1538. I
wonder if this is instead an issue with your Windows installation
rendering the tool-tip for the title (which is default with browsers
using WebKit).
I tried varying values all the way up to 2147483647. Of course, the
script running these high values would take a long time to complete the
loop -- but that is to be expected.
Mike Duncan
ISSO, Application Security Specialist
Government Contractor with STG, Inc.
mike.duncan (at) noaa (dot) gov [email concealed]
Rotem Kerner wrote:
| a vulnerability was found which allow a remote attacker to freeze the
| users browser
| by convincing him to visit a malicious web page
|
| Chrome(0.2.149.27) Denial of Service(Freeze) exploit poc:
| http://www.blackhat.org.il/exploits/chrome-freeze-exploit.html
|
| Exodus.
|
|
|
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD4DBQFIxWRHnvIkv6fg9hYRAnUqAJdM1yO2L0MoUJcM8rbKCjkHQ1EzAKCQZaEh
OhKfgPnoocKhaz/ILWRBxw==
=18Pq
-----END PGP SIGNATURE-----
[ reply ]