Feeds

Memory-hogging bug offers universal browser crash exploit

DOM and dumber

New hybrid storage solutions

Security researchers have published details of a security flaw that can crash multiple browsers across multiple platforms.

There are many more flaws out there that are more serious, but the security shortcomings in JavaScript's DOM (Document Object Model) are nonetheless noteworthy because the issue affects Firefox, Safari, Opera, Chrome and Internet Explorer to a lesser or greater extent. Even smartphones, such as the iPhone and Nokia N95, as well at the Sony PS3 might be forced to crash using the approach, obliging users to reset devices.

The flaw works by tricking a browser into allocating huge chunks of memory, behaviour likely to result in a crash.

Using JavaScript's DOM (Document Object Model) to create a selection menu on a web page with a very high value sets up the trick. H Security explains that the coding trickery results in a huge allocation of memory.

This isn't in itself a problem if the memory area is defined as read only, but problems arise in the many cases where browsers fail to stop overwrites, leading to two processes trying to get at the same portion of memory at the same time and therefore provoking browser crashes.

The flaw presents a browser crash rather than malware injection risk in all cases. Crashing is most easily achieved on IE, with all versions of Microsoft's browser affected. Versions of Ubuntu running Konquerer might be forced to reboot if exposed to attacks based on the bug because of a memory management failure issue.

By contrast Opera, Chrome and Firefox have all been patched to defend against the flaw - so only older versions of those browsers are affected.

A security advisory from G-Sec, including proof of concept code, explains the issue in far greater depth here. ®

Secure remote control for conventional and virtual desktops

More from The Register

next story
Drag queens: Oh, don't be so bitchy, Facebook! Let us use our stage names
Handbags at dawn over free content ad network's ID policy
Blockbuster book lays out the first 20 years of the Smartphone Wars
Symbian's David Wood bares all. Not for the faint hearted
'Serious flaws in the Vertigan report' says broadband boffin
Report 'fails reality test' , is 'simply wrong' and offers ''convenient' justification for FTTN says Rod Tucker
This flashlight app requires: Your contacts list, identity, access to your camera...
Who us, dodgy? Vast majority of mobile apps fail privacy test
Apple Watch will CONQUER smartwatch world – analysts
After Applelocalypse, other wristputers will get stuck in
Shades of Mannesmann: Vodafone should buy T-Mobile US
Biting the bullet would let Blighty-based biz flip the bird at AT&T
Net neutrality fans' joy as '2.3 million email' flood hits US Congress
FCC invites opinions in CSV format, after Slowdown day 'success'
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Top 5 reasons to deploy VMware with Tegile
Data demand and the rise of virtualization is challenging IT teams to deliver storage performance, scalability and capacity that can keep up, while maximizing efficiency.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.