Paid Advertising is
ha.ckers sla.cking
How do we crash systems, browsers, or otherwise bring things to a halt, and how do we protect those things? 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
Stack Overflow in IE
Posted by: digi7al64
Date: January 16, 2007 12:41AM

In trying to create a xss vulnerability for a something else I have stumbled across this possible gem which results in a stack overflow in IE. Of course i really no nothing about stack overflows (except for the basics) so would anybody care to shed some light on this?

<img id="xss" src="xss.jpg" onerror="this.src='xss.jpg';" ontimeerror="alert('xss');"> 
<script for="img" event="ontimeerror">

'Just because you got the bacon, lettuce, and tomato don't mean I'm gonna give you my toast.'

Options: ReplyQuote
Re: Stack Overflow in IE
Posted by: SystemOfAHack
Date: January 16, 2007 12:24PM

Meh, I know little or nothing about stack overflows so I can't help. However, I did find this a good while back:
function a(){
Just gives a "stack overflow" error, as your code did when I tested it in IE. In FF the above code returns a "too much recursion" error. Only seem to get a broken image in FF for yours, but as you say it's for IE. Mine's probably sucky and useless to be honest, but there you are.

Edited 1 time(s). Last edit at 01/16/2007 12:27PM by SystemOfAHack.

Options: ReplyQuote

Sorry, only registered users may post in this forum.