Dnia 10-07-2007, wto o godzinie 21:46 +0000, gynvael (at) coldwind (dot) pl [email concealed]
napisaÅ?(a):
> Michal Zalewski wrote:
> >> 1. Firefox 2.0.0.4 Remote Denial of Service Vulnerability
> >> http://sapheal.hack.pl/phun/ff2die/
> >This does not crash on me, and I can't see a likely mechanism of action
> >that would lead to a DoS condition.
>
> It did hang Firefox 2.0.0.4 (32 bit) at my place (Microsoft Vista, x64). The browser did not respond, and had to be killed. Looks like DoS to me.
Yep, firefox stops to respond because this script opens 10000 new
windows. Following that way I can say, that i found DoS in Word, because
when I tried to open 10000 documents it also stopped to respond.
--
Michael "carstein" Melewski | "We have no future because our present
carstein()7thguard.net | is too volatile. We have only risk
mobile: 512 357 303 | management. The spinning of the given
JID: carstein()gentoo.pl | moment's scenarios. Pattern recognition.
napisaÅ?(a):
> Michal Zalewski wrote:
> >> 1. Firefox 2.0.0.4 Remote Denial of Service Vulnerability
> >> http://sapheal.hack.pl/phun/ff2die/
> >This does not crash on me, and I can't see a likely mechanism of action
> >that would lead to a DoS condition.
>
> It did hang Firefox 2.0.0.4 (32 bit) at my place (Microsoft Vista, x64). The browser did not respond, and had to be killed. Looks like DoS to me.
Yep, firefox stops to respond because this script opens 10000 new
windows. Following that way I can say, that i found DoS in Word, because
when I tried to open 10000 documents it also stopped to respond.
--
Michael "carstein" Melewski | "We have no future because our present
carstein()7thguard.net | is too volatile. We have only risk
mobile: 512 357 303 | management. The spinning of the given
JID: carstein()gentoo.pl | moment's scenarios. Pattern recognition.
[ reply ]