On 21 Jul 2009, at 08:12, Michal Zalewski wrote: > There are literally thousands of HTML- and JavaScript-related denial > of service vectors in modern browsers...
There's one significant difference in this one, though: while a bunch of nested <div>s (for instance) will just mess with the HTML renderer, a malformed or oversized <select> element may end up passing bad data to native menu APIs. It's one of the only elements I can think of offhand that often has effects which extend outside the HTML canvas. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
