New issue
Advanced search Search tips

Issue 716414 link

Starred by 1 user

Issue metadata

Status: Duplicate
Merged: issue 394296
Owner: ----
Closed: Apr 2017
EstimatedDays: ----
NextAction: ----
OS: All
Pri: ----
Type: Bug-Security


Participants' hotlists:
Hotlist-1


Sign in to add a comment

Browser denial of service

Reported by mohacker...@gmail.com, Apr 28 2017

Issue description

hi , i discovered a vulnerability that kills or crashes the google chrome browser and this vulnerability works on all the versions of chrome ,
VULNERABILITY DETAILS
the work principle of that vulnerability is filling the memory of the browser 
with a lot of javascript angular cod . 
the vulnerability caused by an "angular javascript library" any way the 
vulnerability can be executed by sending a link that loads that script 
and once the victim clicks on it his browser will die after one or two seconds 
i tested it many times and it crashed my chrome browser . i have uploaded that script into my website so you can test it and once you click on the link which i 
gonna send your browser will die or stuck and here is the link |note: before you
click on that link be careful" 
http://thebm.ml/test/index.html#/OpenWebsite.html
or this 
http://thebm.ml/test/index.html

VERSION
Chrome Version: [all versions]
Operating System: [all systems]

REPRODUCTION CASE
the vulnerability caused by an "angular javascript library" any way the 
vulnerability can be executed by sending a link that loads that script 
and once the victim clicks on it his browser will die after one or two seconds 
i tested it many times and it crashed my chrome browser . i have uploaded that script into my website so you can test it and once you click on the link which i 
gonna send your browser will die or stuck and here is the link |note: before you
click on that link be careful" 
http://thebm.ml/test/index.html#/OpenWebsite.html
or this 
http://thebm.ml/test/index.html


FOR CRASHES, PLEASE INCLUDE THE FOLLOWING ADDITIONAL INFORMATION
Type of crash: [browser, losing any opened data that not saved ]

If You wanted any info related to the vulnerability just ask me
Regards ,

Justin 

 
This looks like  Issue 394296  where the flood of IPCs from navigation makes the browser unresponsive.

Comment 2 by palmer@chromium.org, Apr 28 2017

Labels: OS-All
Mergedinto: 394296
Status: Duplicate (was: Unconfirmed)
Summary: Browser denial of service (was: Security: cod that kills the whole browser )
yeah , i know it's denial of service , but you gonna fix it , right ?
please, can i have a replay for my issue ???


thanks for your time.
Project Member

Comment 5 by sheriffbot@chromium.org, Nov 30 2017

Labels: -Restrict-View-SecurityTeam allpublic
This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Sign in to add a comment