Feross
Abukhadijeh) said that the data dumping problem occurs in most Web browsers, including Apple Safari, Google Chrome, Microsoft IE and Opera. Mozilla Firefox is the only browser that can block data dumping, the Storage Limit of Firefox is 5 MB.
The root cause of this problem is HTML
5. The method for processing local data storage is related. Although the storage parameter settings of Each browser are different, most of them support user-defined upper limit, which makes the storage space on the user's computer at least 2.5 MB.
The vulnerabilities discovered by abhatdij can generate numerous temporary websites connected to websites accessed by users, thus bypassing the Data Storage Limit. Because most browsers do not consider unexpected situations, affiliated websites can store locally, and the storage limit is the same as that of the primary site. By generating a large number of connected websites, this vulnerability can dump a large amount of data on the affected computers.
Abhatdijie used the solid state drive's MacBook to test the vulnerability.
The Pro can dump 1 GB of data every 16 seconds. He pointed out that a 32-bit browser like Chrome may crash before the hard disk is full.
Abhatdijie has released code to exploit this vulnerability, and has created a website named Filldisk to attract people's attention to this issue. The vulnerability report has been sent to affected browser vendors. abhatdijie said that no malicious use of its code has been found. (Le bang)
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
