oss-sec mailing list archives
Re: CVE request for browser IFRAME/file download DoS
From: Josh Bressers <bressers () redhat com>
Date: Tue, 6 Jul 2010 15:07:58 -0400 (EDT)
This is more complicated than I wish to deal with. I'm going to defer this one to MITRE. Thanks. -- JB ----- "Kurt Seifried" <kurt () seifried org> wrote:
Denial of service in various browsers: http://seclists.org/fulldisclosure/2010/Jul/69 Basically it opens a lot of iframes that point to a file download/run location, you get endlessly spammed with run/save/cancel, in the case of affected web browsers they become non-responsive and you need to kill them using task manager/etc. Affected Firefox 3.6.4 IE 8 Safari 5.0 (7533.16) Not affected: Chrome 5/6 Opera 10 -- Kurt Seifried kurt () seifried org tel: 1-703-879-3176
Current thread:
- CVE request for browser IFRAME/file download DoS Kurt Seifried (Jul 04)
- Re: CVE request for browser IFRAME/file download DoS Josh Bressers (Jul 06)