satknis
Jul 13 2005, 01:55 PM
hello peps, today i played with html and a thing i found is a bug that causes the system to crash. i just tested it with firefox, maybe other browsers have the same bug? can anybody tell me if it is known or not?
DON'T CLICK ON THE LINK WITHOUT SAVING ALL WORK
here a test link: www.xtremescripter.de/pngbug
Sh4dowWalker
Jul 13 2005, 02:14 PM
QUOTE(satknis @ Jul 13 2005, 03:55 PM)
hello peps, today i played with html and a thing i found is a bug that causes the system to crash. i just tested it with firefox, maybe other browsers have the same bug? can anybody tell me if it is known or not?
DON'T CLICK ON THE LINK WITHOUT SAVING ALL WORK
here a test link: www.xtremescripter.de/pngbug

BTW - The image bug in firefox crashing a system is known for some time and was posted on security sites. And why won't you also post the code? So if yours isn't using the same method then the more you should post it. Hopefully in FF 1.05 they fixed that.
manaox2
Jul 13 2005, 06:33 PM
Good Lord man. That is a scary vulnerability. Amazingly, it only froze my computer for about 5 seconds on firefox 1.0.5. But something even scarier happened in Internet Explorer when I tested with the security settings set to the max on the local intranet and internet zones. Blue Screen of Death. Followed by a reboot where my computer no longer recognized my hard drive. COMPLETE CRASH. Upon fixing the problem, the logs stated it crashed my ati display driver.
This is the html code for the 1024x768x24 BPP png file:
CODE
<html><head></head><body>know or not?<br>
but it crashes your system or doesn't it? :-/<p></p>
<p>mfg <img src="pngbug_files/pic.png" alt="puh" height="9999999" width="9999999"></p></body></html>

I managed to save a complete copy of the page for further testing. My computer is fully patched and updated as far as I can find. This worries me. I want to know more about this, because this seems to be a cross browser problem. Why is internet explorer vulnerable to this and not my picture viewer or explorer? Anyone else survived a test of this page?
linux_dude
Jul 13 2005, 09:25 PM
Wow, you were playing with HTML and discovered a moderately old bug involving png scaling with almost all browsers, what are the chances. STOP LYING!!!!!! Besides, it's a bug, not really suited for code execution, so it isn't that severe or critical.
sevenvirtues
Jul 13 2005, 09:36 PM
although it would be fun to play with. you know what i mean
manaox2
Jul 14 2005, 02:12 AM
They sure are taking their time fixing that bug. It seemed pretty severe to Internet Explorer and can obviously be used for evil. I know that I didn't lie about what happened. I could use this to steal a coworker's MAC address with ARP Spoofing when their computer goes down. You don't consider crashing a user's pc remotely dangerous?
warzone
Jul 14 2005, 04:13 AM
Wow this bug crashed my pc on internet explorer and froze it on firefox 1.0.5 and I'm running sp2
satknis
Jul 14 2005, 05:58 AM
linux_dude: if you think so ok... but i was playing with html when i found it out! and it was new for me. so if it is so old where can i find something about it? manaox2 has posted the code!
i did not have enough time to post the code, but i wanted to show all people this bug. i have now tested it with firefox and IE and my system also crashes with BSOD, it says something that ati2dvag or so has an error... i think the problem is that it fills the graphics card's ram and causes it to crash.
manaox2
Jul 16 2005, 07:43 PM
I also have that same video driver. I am thinking that possibly this bug only affects the ati video driver. Can someone test this with, say, an Nvidia video card? I want to know if this is a hardware bug because my video card is fairly new. I'm not sure about the video card's RAM thing. It doesn't make sense to me unless Internet Explorer allocates the RAM for the picture differently than firefox. Or maybe firefox has a limiter in place.
warzone
Jul 16 2005, 08:41 PM
I have agp nVidia TNT2 M64
linux_dude
Jul 17 2005, 01:42 AM
It has nothing to do with your browser or video card, it's an inherent flaw in the way windows processes HUGE images, causing kernel panics and a BSOD referencing your video driver, won't happen on a mac or linux. What exactly were you trying to put up on a page that needs a square of 100 million pixels? (That's the problem btw) Just asking to see how you 'stumbled' on this bug.
Here's the original page for the bug: hxxp://www.hunger.hu/win.html (Don't click unless you want to BSOD windows)
Warlord_David
Jul 17 2005, 02:36 AM
umm doesn't hurt my system one bit. I can scroll around the page and have fun
WinXP Pro SP2 (With all current updates)
1GB RDRAM
P4 2.4Ghz
GeForce 4 Ti 4200 Vid card
also have Firefox 1.0.5
warzone
Jul 17 2005, 03:34 AM
Well this bug doesn't affect firefox 1.0.5. Try visiting the link with your IE
satknis
Jul 17 2005, 07:35 AM
i was making a design. the page has some pictures in it and as i reached the end of the code a friend of mine (who doesn't know this bug and is a little crazy) told me to put some real high numbers in the width and height tags. as i was viewing the page my pc began to freeze, then it had a BSOD. that's how i found out this bug!
ps: it's always easier to say liar...
Warlord_David
Jul 17 2005, 09:00 AM
no thank you, i ain't touching IE with an 80 foot pole.
linux_dude
Jul 17 2005, 12:33 PM
Okay, I believe you. I was hesitant to because you used the same number of 9s as the site that showed the bug back in early May. :-D
I don't know about you people with firefox 1.0.5, from what Mozilla Dev said, the bug was fixed but they can't guarantee it'll work correctly since the issue has more to do with the OS than firefox. What they did was just handle huge images in FF itself, which means that the image will probably be rendered completely wrong if it's really big.
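The "limiter" idea raised in the thread, as an added example that is not code from any poster or from Mozilla: a Python filter that flags img tags whose requested display size would need more memory than a set budget. The 256 MiB budget and all function names are assumptions; the sample markup reuses the tag posted earlier in the thread plus one constructed tag for contrast.

```python
# Added example (not from the thread): flag <img> tags whose width/height
# attributes would force a scaled bitmap larger than an assumed budget.
from html.parser import HTMLParser

BYTES_PER_PIXEL = 3                    # 24 BPP, as stated for the posted image
MAX_SCALED_BYTES = 256 * 1024 * 1024   # assumed budget, tune per deployment

def parse_dimension(value):
    """Return a plain pixel count, or None for missing/percent/garbage values."""
    if value is None:
        return None
    value = value.strip().lower()
    if value.endswith("px"):
        value = value[:-2].strip()
    return int(value) if value.isascii() and value.isdigit() else None

class OversizedImageFinder(HTMLParser):
    """Collects (src, width, height, bytes_needed) for suspicious <img> tags."""
    def __init__(self, max_bytes):
        super().__init__()
        self.max_bytes = max_bytes
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag != "img":
            return
        attr = dict(attrs)
        width = parse_dimension(attr.get("width"))
        height = parse_dimension(attr.get("height"))
        if width is None or height is None:
            return  # one side missing: final size depends on the file itself
        needed = width * height * BYTES_PER_PIXEL  # Python ints cannot overflow
        if needed > self.max_bytes:
            self.findings.append((attr.get("src"), width, height, needed))

def find_oversized_images(html, max_bytes=MAX_SCALED_BYTES):
    finder = OversizedImageFinder(max_bytes)
    finder.feed(html)
    finder.close()
    return finder.findings

# The tag from the thread plus one constructed, ordinary tag for contrast.
SAMPLE = (
    '<html><body><img src="pngbug_files/pic.png" alt="puh" '
    'height="9999999" width="9999999">'
    '<img src="logo.png" width="1024" height="768"></body></html>'
)

if __name__ == "__main__":
    for src, w, h, needed in find_oversized_images(SAMPLE):
        print(f"{src}: {w}x{h} would need about {needed / 2**40:.1f} TiB")
```

A mail gateway or proxy could run such a check on inbound HTML; a renderer would apply the same bound before allocating the scaled surface.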
aelphaeis_mangarae
Jul 19 2005, 09:27 PM
QUOTE
Blue Screen of Death. Followed by a reboot where my computer no longer recognized my hard drive. COMPLETE CRASH.

Damn! I have viewed this in Firefox and it seemed to cause it to kind of lag a bit, I have Firefox 1.04. I am not game to view it in IE...god knows what will happen. I wonder what this vulnerability is all about, is it dependent on your video card? I have a nVidia card...
linux_dude
Jul 20 2005, 01:34 AM
No, I've said it a few times already, it has to do with the way Windows processes images. Here's where the bug was originally reported: It's a PDF. It's translated from German so it's slightly off in grammar, but it's not unreadable, and it's been around since early May.