|
|
LinkBack | Thread Tools |
06-09-2005, 01:45 PM | #1 (permalink) |
Crazy
Location: Belgium
|
[Vulnerability Warning] Windows crashes because a "too big" picture in browser
A simple HTLM page is capable of crashing a windows pc.
When an image-tag in an HTML page is loaded and the size of the image is blown up with the WITH and HEIGHT attributes until a certain extend, the loaded image eats up so much recourses that the videodriver and the computer crashes (bluescreen, restart or freezes). so, watch out for bad jokes with this vulnarability! my source is a German site: heise online and The 'Full-disclosure' mailinglist Next is an example of the code that 'causes the crashes. It is extremely simple: !!!! Warning: Use this code at your own risk. Save anything you are working on before trying out. !!!! copy and paste in a HTML page. point the "YourImage.jpg" to a real image. PHP Code:
__________________
Amerika by Franz Kafka “As Karl Rossman, a poor boy of sixteen who had been packed off to America by his parents because a servant girl had seduced him and got herself a child by him, stood on the liner slowly entering the harbour of New York, a sudden burst of sunshine seemed to illumine the Statue of Liberty, so that he saw it in a new light, although he had sighted it long before. The arm with the sword rose up as if newly stretched aloft, and round the figure blew the free winds of heaven.” |
06-09-2005, 02:30 PM | #3 (permalink) | |
Crazy
Location: Belgium
|
Quote:
But I have a bad feeling that I'm going to encounter this a lot: think of guestbooks, msn, fora, bbs,... all could be HMTL-enabled and all could be easy accessed by 13 year old no-brain would-be script-kiddies. EDIT: watch out @ work! I just successfully crashed a win2k server while opening a page with this code through remote desktop. Luckily for me this was my own test-server and it is located in the room next to me, but I can't think of what would happen in a live environment
__________________
Amerika by Franz Kafka “As Karl Rossman, a poor boy of sixteen who had been packed off to America by his parents because a servant girl had seduced him and got herself a child by him, stood on the liner slowly entering the harbour of New York, a sudden burst of sunshine seemed to illumine the Statue of Liberty, so that he saw it in a new light, although he had sighted it long before. The arm with the sword rose up as if newly stretched aloft, and round the figure blew the free winds of heaven.” Last edited by T.U.B.; 06-09-2005 at 02:38 PM.. |
|
06-09-2005, 02:50 PM | #5 (permalink) |
Guest
|
I just ran the german site through a translator - http://www.google.com/translate?u=ht...&hl=en&ie=UTF8
looks like Firefox etc might have problems with this as well. |
06-09-2005, 03:15 PM | #6 (permalink) |
Guest
|
Well I just tested it - If you're quick, you could probably stop Firefox via your Task Manager before it crashes your machine (it really slowed my PC down but I stopped it before it got really nasty)
However, IE caused a reboot within 20 seconds of me opening a page I'd made. |
06-09-2005, 03:51 PM | #7 (permalink) |
Lennonite Priest
Location: Mansfield, Ohio USA
|
Good thing I use Yahoo mail and have my HTML disabled.
Does it affect netscape?
__________________
I just love people who use the excuse "I use/do this because I LOVE the feeling/joy/happiness it brings me" and expect you to be ok with that as you watch them destroy their life blindly following. My response is, "I like to put forks in an eletrical socket, just LOVE that feeling, can't ever get enough of it, so will you let me put this copper fork in that electric socket?" |
06-09-2005, 07:21 PM | #8 (permalink) |
Mjollnir Incarnate
Location: Lost in thought
|
There was a story about this on digg a couple days ago. Based on the thread there, linux and macs are unaffected. And you can be unaffected as well if you have a good processor and plenty of memory. I crashed pretty hard, though.
|
Tags |
big, browser, crashes, picture, vulnerability, warning, windows |
|
|