-=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- (c) WidthPadding Industries 1987 0|465|0 -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=-
SoCoder -> Link Home -> Dev-News

 
HoboBen
Created : 06 August 2009
 

One Bug to Rule Them All



https://www.g-sec.lu/one-bug-to-rule-them-all.html
Affected products :

* Internet Explorer 5, 6, 7, 8 (all versions)
* Chrome (limited)
* Opera
* Seamonkey
* Midbrowser
* Netscape 6 & 8 (9 years ago)
* Konqueror (all versions)
* Apple iPhone + iPod
* Apple Safari
* Thunderbird
* Nokia Phones : Nokia N95 (Symbian OS v.9.2),Nokia N82, Nokia N810 Internet Tablet
* Aigo P8860 (Browser hangs and cannot be restarted)
* Siemens phones
* Google Android G1 (TC4-RC30 & Firmware 1.5, Kernel: 2.6.27-00393-g6607056, Build: CRB4)
G-SEC thanks Scott Fraser for the notice
* Blackberry 8800 & 8130 (Browser crash due to null ptr deref)
G-SEC thanks "528-0444" & "Tyler Reguly" for the notice
* possibly more devices and products that support Javascript,

 

Comments
Thursday, 06 August 2009, 21:10
cthug
 		Firefox is clean
Friday, 07 August 2009, 00:18
shroom_monk
 		Ouch. Now that it's been discovered, do you think we'll see more use of it now before it's all patched up?
Friday, 07 August 2009, 01:46
Jayenkai
 		Wow!!!
Friday, 07 August 2009, 06:44
spinal
 		9 years to discover and fix a bug !!
Friday, 07 August 2009, 10:12
JL235
 		Is this really a bug? I suppose you shouldn't be able to use up the browsers entire amount of memory from JavaScript, but bear in mind this is no different then making a giant array in your own application.
Friday, 07 August 2009, 10:21
Jayenkai
 		Yeah, I think this is one of those "Just a damn limit!" type of issues.
I mean, if you take a 500Gb image file, and replace any .png image in any Blitz game with that image.. it's gonna crash!!
Friday, 07 August 2009, 10:47
JL235
 		Although I was really impressed that it causes Ubuntu to restart. That's kinda a big flaw.