ActionScript is a crappy language, it's used in Flash movies.
Since it was created to be used by webdesigners, there are lots of
failsafe devices, including an "infinity loop detector".
No more than 100.000 iterations, as I remember.
Of course real programmers hated the thing, it created lots o
On Wed, 18 Apr 2007 [EMAIL PROTECTED] wrote:
> So - other than "it has already burned more than N seconds of CPU", what
> test do you propose to make?
"It has already consumed N megabytes of memory."
This condition is superfluous from a purely theoretical POV because a
program running for N unit
> There should be an implimentation on ALL browsers that a loop such
> large is
> unacceptable and refuse to even run it. There is no viable reason for a
> client-side to run a loop through so many itterations.
It's an unsolvable problem in computer science: a program (the browser) cannot
calcula
On Wed, 18 Apr 2007 12:31:57 EDT, Kradorex Xeron said:
> There should be an implimentation on ALL browsers that a loop such large is
> unacceptable and refuse to even run it. There is no viable reason for a
> client-side to run a loop through so many itterations.
There's this thing called the Tu
This also works under Konqueror.
There should be an implimentation on ALL browsers that a loop such large is
unacceptable and refuse to even run it. There is no viable reason for a
client-side to run a loop through so many itterations.
This DoS technique could be abused and iframes with the co
On 4/17/07, J. Oquendo <[EMAIL PROTECTED]> wrote:
III SOLUTION
Stop using Microsoft products or deal with a new advisory every other
day.
As the replies have shown, this isn't limited to IE7. It happens in Firefox
too, so your solution won't work. :)
In this particular case, IE7 actually ha
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I have confirmed that both Adobe Photoshop 7.0 and 7.1 are
vulnerable to this issue. However all versions of Paint Shop Pro
that I tested are not vulnerable. I repeat, Paint Shop Pro is not
vulnerable to this issue.
Ubuntu is not vulnerable to this
on IE 6.0.2800
>
> -nik
>
>
> - Original Message -
> From: "J. Oquendo" <[EMAIL PROTECTED]>
> To: "full-disclosure"
> Sent: Tuesday, April 17, 2007 8:09 PM
> Subject: [Full-disclosure] Internet Explorer Crash
>
>
> > ___
Dear carl hardwick,
Both Firefox 2.0.0.3 and IE 6.0.2900.2180 resisted (Firefox stops
loading page after 500MB of memory, IE warns about script slowing down
performance). It's simple memory bomb, probably you are vulnerable
because you have <= 512 MB of RAM.
--Tuesday, April 17, 20
Mozilla Firefox 2.0.0.3 is also vulnerable
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Also works on IE 6.0.2800
-nik
- Original Message -
From: "J. Oquendo" <[EMAIL PROTECTED]>
To: "full-disclosure"
Sent: Tuesday, April 17, 2007 8:09 PM
Subject: [Full-disclosure] Internet Explorer Crash
> ___
&
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Product: Internet Explorer Version 7.0.5730.11
Impact: Browser crash possibly more
Author: Jesus Oquendo
echo @infiltrated|sed 's/^/sil/g;s/$/.net/g'
I. BACKGROUND
Why bother? Who doesn't know what Internet Explorer and Microsoft are.
II. DESCRIPTI
12 matches
Mail list logo