Re: MS Internet Explorer 7 Denial Of Service Exploit

craig@airnet.net wrote:
> On Konqueror 3.5.9, what happens is that this childish code builds a huge string, eats memory, causes swapping, and finally blows away Konq.  Linux and X and everything else stay up and recover nicely.  (Gentoo/AMD64X2/3G mem)
>
> This isn't an exploit -- at least not on Linux -- it's just kiddie stupidity.  It doesn't take any particular cleverness to blow memory by dynamically creating bigger and bigger data structures.  With virtual memory and 64-bit pointers, when exactly do we return -ENOMEM?
>
>   
Could you be a bit more specific as to the circumstances of the DOS 
exploit and how this could be replicated?
Thank you.