Browser Flaw Can Cause Denial of Service

From eSecurityPlanet.com:

In addition to Microsoft Internet Explorer, … a new bug…targets the Mozilla Browser, Mozilla Firefox, Opera and Apple Safari. It causes them to crash and could potentially form the basis of an exploit that would affect virtually all major browsers.

The bug is not inherent in the browser code itself, but in the implementation of Javascript, the scripting language developed by Netscape that allows developers to design web sties with dynamic graphics and interactive features.

The…Infinite Array Sort Denial Of Service Vulnerability…causes the affected browsers to execute an infinite JavaScript array sort. That operation in turn effectively causes a DoS on the browser in question and causes it to crash..

While there are no confirmed exploits of this bug in the wild that expand upon the vulnerability to allow a hacker to run malicious code, they will probably appear soon. Neither Mozilla, Microsoft, Opera or Apple have provided any patches.

Article Written by