On Wed, 21 Jun 2006 14:21:08 -0300, "Bruno Lustosa" <bruno.lists@xxxxxxxxx> said: > On 21 Jun 2006 03:39:09 -0000, N9@xxxxxxxxxxx <N9@xxxxxxxxxxx> wrote: > > Details: > > > > Vulnerability can be exploited by using a large value in a href tag to create an out-of-bounds memory access. > > > > Proof Of Concept DoS exploit: > > > > http://www.critical.lt/research/opera_die_happy.html > > Interesting enough, clicking on that link under Firefox 1.5.0.4 made > it hang for about 20 seconds, consuming 100% cpu time. > Probably not a vulnerability, although it could be "exploited" to annoy > users. Under Netscape 8.1 the link did nothing using the Firefox rendering engine. However, when using the Internet Explorer rendering engine an error window comes up; Microsoft Visual C++ Debug Library: Debug Assertion Failed! It has three buttons; Abort, Retry and Ignore. Hitting Abort or Retry crashes the browser while Ignore closes the window and nothing further happens. -- Eric Furman ericfurman@xxxxxxxxxxxx
