Re: [Full-disclosure] Update: [GSEC-TZO-44-2009] One bug to rule

看板Bugtraq作者andfarm.時間16年前 (2009/07/23 02:01)推噓0(0推 0噓 0→)

留言0則, 0人參與討論串2/2 (看更多)

On 21 Jul 2009, at 08:12, Michal Zalewski wrote: > There are literally thousands of HTML- and JavaScript-related denial > of service vectors in modern browsers... There's one significant difference in this one, though: while a bunch of nested <div>s (for instance) will just mess with the HTML renderer, a malformed or oversized <select> element may end up passing bad data to native menu APIs. It's one of the only elements I can think of offhand that often has effects which extend outside the HTML canvas.

‣ 返回看板[ Bugtraq ] 臭蟲

‣ 更多 andfarm. 的文章

文章代碼(AID): #1APrFZ0x (Bugtraq)

討論串 (同標題文章)

完整討論串 (本文為第 2 之 2 篇)：

排序：最新先 | 最舊先 | 留言數

Re: [Full-disclosure] Update: [GSEC-TZO-44-2009] One bug to rule Re: [Full-disclosure] Update: [GSEC-TZO-44-2009] One bug to rule

andfarm.

16年前, 07/23

Re: [Full-disclosure] Update: [GSEC-TZO-44-2009] One bug to rule Re: [Full-disclosure] Update: [GSEC-TZO-44-2009] One bug to rule

16年前, 07/22

文章代碼(AID): #1APrFZ0x (Bugtraq)