[Full-disclosure] Computer Terrorism Security Advisory (Reclassification) - Microsoft Internet Explorer JavaScript Window() Vulnerability
Daniel Veditz
dveditz at cruzio.com
Tue Nov 22 16:57:06 GMT 2005
Toufeeq Hussain wrote:
>> Security Advisory (Reclassification) :: CT21-11-2005
>> -----------------------------------------------------
>>
>> Title: Microsoft Internet Explorer JavaScript Window()
>> Vulnerability
>
> Is it just me or did this exploit just DOS'ed my Firefox 1.0.7(Debian
> Linux).
> Just try the Windows XP Link given in the POC URL.
> Firefox just hung with 100% CPU utilization.
This does DOS Firefox (and the Mozilla Suite), tracked at
https://bugzilla.mozilla.org/show_bug.cgi?id=317334
The problem appears to be related to trying to reflow Bi-directional
text, we've chunked the 200K character prompt dialog into 66K internal
chunks and appear to have a really sucky algorithm for doing so.
Eventually Firefox will show the prompt dialog and continue on normally
(where eventually can be up to a couple of minutes).
-Dan Veditz
Full-Disclosure is hosted and sponsored by Secunia.