HTML5 programming language latest vulnerability was found, which allows website using several GB of junk data to expands the bombing on user, even in a short period of time, the hard disk can be stuffed. Variety of mainstream browsers will be affected by this.

A man named Feross Aboukhadijeh developers first discovered the vulnerability, he said, most mainstream Web browser will be affected, including Apple Safari, Google Chrome, Microsoft IE and Opera. The only way to stop a lot of data to load the Mozilla Firefox browser, the product of the maximum data storage for 5MB.

The root of the problem is that HTML5 way to store data locally. Although each browser has a different storage parameters, but many of them support the user-defined limit, and at least 2.5MB of data stored on the user's computer.

Aboukhadijeh discovered a method of bypassing the data caps, it creates multiple user access sites linked to the temporary site. Most browsers will not count this occasionally, two websites can also store and main website the same amount of data. Massive data generated by a large number of such sites, the vulnerability can be loaded to the affected computer.

The test of this vulnerability, Aboukhadijeh every 16 seconds to load the SSD MacBook Pro 1GB data. He pointed out, Chrome 32 browser may crash hard stuffed.

Some clever code website is actually user computer data storage limit has been canceled. "Aboukhadijeh said.

Aboukhadijeh has released a set of code to exploit the vulnerability, and create a-called Filldisk dedicated website to highlight the vulnerability of hazards. He has to report the incident to the affected browser developers, but has not yet found the outbreak of a large area of the malicious behavior.