There was an interesting post today on modernlifeisrubbish.co.uk discussing how to crash Internet Explorer in one line of JavaScript. It’s a pretty interesting one line of JavaScript, but it more or less just sends Internet Explorer into an infinite loop. I’ve seen similar issues in Firefox, Opera, Netscape, etc… so I wouldn’t call this a major make or break deal, but it is nice to know you can safely crash the browser every time reliably.

I’m particularly interested in how DoS can affect user input though. There has to be interesting ways to use this towards breaking applications although I haven’t found any practical applications beyond after a MITM attack has succeeded and you want to avoid conflicts by killing off the user’s connection, or surfacing so many alerts that they inadvertantly click on something that executes malware. I’m sure there are other applications, but I just haven’t spent enough time thinking about it.

This entry was posted on Wednesday, August 30th, 2006 at 1:58 pm and is filed under Webappsec, Random Security. You can leave a response as well.