Closed
Bug 1361047
Opened 7 years ago
Closed 3 years ago
System Crash (DoS) due to Mozilla Firefox Browser
Categories
(Core Graveyard :: Plug-ins, defect, P5)
Tracking
(Not tracked)
RESOLVED
WONTFIX
People
(Reporter: mohdaqeelasif, Unassigned)
Details
(Keywords: csectype-dos)
Attachments
(1 file)
1.03 KB,
application/x-shockwave-flash
|
Details |
User Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:52.0) Gecko/20100101 Firefox/52.0 Build ID: 20170417065206 Steps to reproduce: 1. Install and setup XAMPP 2. Upload CS.SWF file to XAMPP htdocs folder (check attachments 3. Browse to CS.SWF file and embed ?js=alert(/Bang/);// parameter to it http://localhost/CS.SWF?js=alert(/Bang/);// 4. Now observe that Resource utilization increases rapidly and the system would crash Actual results: When "CS.SWF" flash files are getting executed in firefox browser, a process called "Plugin Container for Firefox" is being created and starts consuming more resources than it should resulting in system crash.
Updated•7 years ago
|
Group: firefox-core-security → core-security
Component: Untriaged → Plug-ins
Product: Firefox → Core
Comment 1•7 years ago
|
||
It's pretty easy to create pages that will consume the entire system, and so we don't treat those a security issues which need to be hidden. I will keep this bug open, but I suggest that it's probably more appropriate to file this with Adobe, since it's the Adobe Flash plugin that's actually the problem in this case.
Comment 2•3 years ago
|
||
Resolving as wont fix, plugin support deprecated in Firefox 85.
Status: UNCONFIRMED → RESOLVED
Closed: 3 years ago
Resolution: --- → WONTFIX
Updated•2 years ago
|
Product: Core → Core Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•