[Webkit-unassigned] [Bug 19270] New: WebKit crashes running IE Bait & Switch attack page
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Tue May 27 11:29:45 PDT 2008
http://bugs.webkit.org/show_bug.cgi?id=19270
Summary: WebKit crashes running IE Bait & Switch attack page
Product: WebKit
Version: 526+ (Nightly build)
Platform: PC
URL: http://lcamtuf.coredump.cx/ierace/
OS/Version: Windows XP
Status: NEW
Severity: Normal
Priority: P1
Component: New Bugs
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: eric at webkit.org
WebKit crashes running IE Bait & Switch attack page
Mac Safari does not seem vulnerable to the IE Bait and Switch attack. I don't
really suspect that Win Safari is either. However, closing the attack window
(the window which pops up and loads google.pl repeatedly) while the test is
running crashes Safari.
I was using Safari 3.1 with heap-checking enabled (gflags.exe).
1. Open http://lcamtuf.coredump.cx/ierace/
2. Click on "Click here to begin test"
3. Close the window that appears and is running the test (opening google.pl
repeatedly).
4. Crash!
--
Configure bugmail: http://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the webkit-unassigned
mailing list