Closed Bug 317578 Opened 19 years ago Closed 19 years ago

Javascript window() can be used for denial of service attack (DOS)

Categories

(Firefox :: General, defect)

x86
Windows XP
defect
Not set
critical

Tracking

()

VERIFIED DUPLICATE of bug 317334

People

(Reporter: t.vinson, Unassigned)

References

()

Details

User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9a1) Gecko/20051123 Firefox/1.6a1
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9a1) Gecko/20051123 Firefox/1.6a1

This site demonstrates proof of concept for a bug in Internet Explorer.  I tried it out in Firefox as well.  The behavior below occurs in both release 1.0.7 and the build I'm using right now.  I didn't notice any additional i/o or memory usage, just cpu.
A description of the bug under IE is at http://www.computerterrorism.com/research/ie/ct21-11-2005.


Reproducible: Always

Steps to Reproduce:
1.Go to http://www.computerterrorism.com/research/ie/poc.htm
2.Click on the link for XP


Actual Results:  
Browser hangs (using about 50% of the cpu)

Expected Results:  
Open a popup window with no content or with an error message

*** This bug has been marked as a duplicate of 317334 ***
Status: UNCONFIRMED → RESOLVED
Closed: 19 years ago
Resolution: --- → DUPLICATE
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.