Bugtraq mailing list archives
Re: Chrome(0.2.149.27) title(not the tag) Denial of Service(Freeze) exploit
From: Mike Duncan <Mike.Duncan () noaa gov>
Date: Mon, 08 Sep 2008 13:43:36 -0400
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I could not duplicate this with either Chrome or Safari (which also uses WebKit). I am using WinXP SP3 and Chrome v0.2.149.27 build 1538. I wonder if this is instead an issue with your Windows installation rendering the tool-tip for the title (which is default with browsers using WebKit). I tried varying values all the way up to 2147483647. Of course, the script running these high values would take a long time to complete the loop -- but that is to be expected. Mike Duncan ISSO, Application Security Specialist Government Contractor with STG, Inc. mike.duncan () noaa gov Rotem Kerner wrote: | a vulnerability was found which allow a remote attacker to freeze the | users browser | by convincing him to visit a malicious web page | | Chrome(0.2.149.27) Denial of Service(Freeze) exploit poc: | http://www.blackhat.org.il/exploits/chrome-freeze-exploit.html | | Exodus. | | | -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD4DBQFIxWRHnvIkv6fg9hYRAnUqAJdM1yO2L0MoUJcM8rbKCjkHQ1EzAKCQZaEh OhKfgPnoocKhaz/ILWRBxw== =18Pq -----END PGP SIGNATURE-----
Current thread:
- Chrome(0.2.149.27) title(not the tag) Denial of Service(Freeze) exploit Rotem Kerner (Sep 08)
- Re: Chrome(0.2.149.27) title(not the tag) Denial of Service(Freeze) exploit Mike Duncan (Sep 08)
- Re: Chrome(0.2.149.27) title(not the tag) Denial of Service(Freeze) exploit Wellington Wagner F. Sarmento (Sep 08)
- Re: Chrome(0.2.149.27) title(not the tag) Denial of Service(Freeze) exploit Rotem Kerner (Sep 09)
- Re: Chrome(0.2.149.27) title(not the tag) Denial of Service(Freeze) exploit Mike Duncan (Sep 09)
- Re: Chrome(0.2.149.27) title(not the tag) Denial of Service(Freeze) exploit Rotem Kerner (Sep 09)
- Re: Chrome(0.2.149.27) title(not the tag) Denial of Service(Freeze) exploit Razi Shaban (Sep 09)
- <Possible follow-ups>
- Re: Chrome(0.2.149.27) title(not the tag) Denial of Service(Freeze) exploit a (Sep 08)
- Re: Chrome(0.2.149.27) title(not the tag) Denial of Service(Freeze) exploit gynvael (Sep 09)
- Re: Chrome(0.2.149.27) title(not the tag) Denial of Service(Freeze) exploit Razi Shaban (Sep 09)
- Re: Chrome(0.2.149.27) title(not the tag) Denial of Service(Freeze) exploit Julien Stuby (Sep 10)
- Re: Chrome(0.2.149.27) title(not the tag) Denial of Service(Freeze) exploit Razi Shaban (Sep 09)