|
|
Maliciously crafted JavaScript inducing Safari crash on iOS, OS X
|
|
|
|
MacNN Staff
Join Date: Jul 2012
Status:
Offline
|
|
A new, relatively harmless, exploit in Safari has been discovered. Users tricked into visiting a webpage, utilizing a specifically crafted JavaScript routine will find that Apple's Safari in iOS or OS X crashes at a minimum, and in some cases, freezes the device so profoundly that a force quit doesn't work completely, forcing the user to reboot if they wish to use Safari again. Also affected by the flaw in a similar fashion is the Chrome browser on Android or Windows, and in theory, anything else that uses WebKit.
The website, crashsafari.com, exploits JavaScript to call the HTML5 history to change the displayed text in the URL of the browser up to 100,000 times. Safari, OS X, or iOS don't deal with this very well, and at best, the system dramatically slows during the script execution. Users with "Enable JavaScript" disabled in the Safari security settings won't be affected by the exploit.
Using short URL tools, or redirections, it can be easy to trick a user into visiting the page. However, at this time, there doesn't appear to be any security issue with the exploit.
(
Last edited by NewsPoster; Jan 25, 2016 at 12:28 PM.
)
|
|
|
|
|
|
|
|
|
Forum Regular
Join Date: May 2001
Location: Collinsville, IL, USA
Status:
Offline
|
|
|
|
|
|
|
|
|
|
|
Managing Editor
Join Date: Jul 2012
Status:
Offline
|
|
Because people google "Why is my safari crashing when I visit a site" and they deserve an answer.
|
|
|
|
|
|
|
|
|
Fresh-Faced Recruit
Join Date: Mar 2000
Status:
Offline
|
|
More retarded, broken misfits getting their kicks by causing trouble for the rest of us. Pitiful.
|
|
|
|
|
|
|
|
|
Dedicated MacNNer
Join Date: Apr 2007
Status:
Offline
|
|
I miss those crashme sites that worked on Windows users.
btw, the site doesn't seem to crash older Safari versions. 5.1 failed to crash, just got really laggy.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Forum Rules
|
|
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
|
HTML code is Off
|
|
|
|
|
|
|
|
|
|
|
|
|