Created attachment 246838 [details] html file mentioned in above description unlisted poc video link-> https://www.youtube.com/watch?v=m_rMN4M8a-c Hi Team, The maximum number of WebSocket connections that can be opened at a time must be preset ( for example firefox uses 200 as maximum number of WebSocket at instance ) but Safari(webkit) failed to implement it for firefox you can go through about it here-> https://developer.mozilla.org/en/docs/WebSockets <script> var i=0; while(1) { var connection = new WebSocket('ws://html5rocks.websocket.org/echo'); } </script> above js creates infinite number of websockets. on executing this file Safari(webkit) opens infinite websockets at the same instance which leads to crash of the browser,on serious condition crash of OS.The above website is taken for example (html5rocks.websocket.org) even it can be xyz.com or whatever. The thing is, with Safari(webkit) we can open infinite websockets at an instance which leads to crash.Safari(webkit) doesnt handle it properly Let me show "how Safari(webkit) crashes" and "how Firefox handles this" first let me open Safari(webkit) , execute that file and show you the memory usage as you can see...Safari(webkit) is taking lot of resources As you saw the browser crashed and system will crash on serious condition now let me open the same thing firefox same file it just sent 193 requests then stopped inspite of infinite loop even it didnt take much resources with this vulnerability,attacker can remotely send this file and crash victim's browser tested in mac's safari too(if poc needed let me give it) waiting for good reply thanks and regards venkatesh attached the html file :))
Why no reply from anyone ????
Yikes! This looks bad -- I didn't notice this bug before. Thank you for reporting it!