-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I could not duplicate this with either Chrome or Safari (which also uses WebKit). I am using WinXP SP3 and Chrome v0.2.149.27 build 1538. I wonder if this is instead an issue with your Windows installation rendering the tool-tip for the title (which is default with browsers using WebKit). I tried varying values all the way up to 2147483647. Of course, the script running these high values would take a long time to complete the loop -- but that is to be expected. Mike Duncan ISSO, Application Security Specialist Government Contractor with STG, Inc. mike.duncan@xxxxxxxx Rotem Kerner wrote: | a vulnerability was found which allow a remote attacker to freeze the | users browser | by convincing him to visit a malicious web page | | Chrome(0.2.149.27) Denial of Service(Freeze) exploit poc: | http://www.blackhat.org.il/exploits/chrome-freeze-exploit.html | | Exodus. | | | -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD4DBQFIxWRHnvIkv6fg9hYRAnUqAJdM1yO2L0MoUJcM8rbKCjkHQ1EzAKCQZaEh OhKfgPnoocKhaz/ILWRBxw== =18Pq -----END PGP SIGNATURE-----
