[Webkit-unassigned] [Bug 69955] New: Webkit crashes Linux Kernel
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Wed Oct 12 13:02:03 PDT 2011
https://bugs.webkit.org/show_bug.cgi?id=69955
Summary: Webkit crashes Linux Kernel
Product: WebKit
Version: 528+ (Nightly build)
Platform: PC
OS/Version: Linux
Status: UNCONFIRMED
Severity: Critical
Priority: P2
Component: JavaScriptCore
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: x47ru.x9090 at googlemail.com
CC: x47ru.x9090 at googlemail.com
Created an attachment (id=110727)
--> (https://bugs.webkit.org/attachment.cgi?id=110727&action=review)
HTML exploit code
Greetings,
during the work on my bachelor thesis I did some penetration testing with webkit. I found serval bugs. I'll report them here now stept by step. The exploid code is attached.
========================
= System specification =
WebKit version: r90943 nighty build
Operating system: Ubuntu 10.04 LTS x86 with all updates
CPU: Intel Core 2 Duo
Memory: 2 GB
===================
= System behavior =
WebKit Test Browser (QtTestBrowser) is startet as a normal user. User opens a prepareted website on a remote webserver. The browser opens the website and after just a second it is no longer possible to use the system. After around 30 seconds the grapical user interface will be closed and you can see that several demons are killed. The only way to get back an working system is to restart it.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list