Closed Bug 149558 Opened 22 years ago Closed 22 years ago

Local DoS: resource consumption due to script injection

Categories

(Core :: Security, defect)

x86
Windows 2000
defect
Not set
critical

RESOLVED DUPLICATE of bug 31041

People

(Reporter: rob.cowell, Assigned: security-bugs)

Details

From Bugzilla Helper:
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.0.0) Gecko/20020530
BuildID: 2002053012

By utilizing the below code you can consume all resources of the computer; this is done by opening multiple windows.

Exploit:
about:<scr!pt>var i;i=0;for(;;){i++;window.open('http://www.mozilla.org','Mozilla'+i,null);}</script>
(Note the letter "I" has been replaced with "!").

Reproducible: Always

Steps to Reproduce:
1. Create a new text file and put in the script above
2. Replace the first ! in the script tag with an i
3. Save the file and open it in Mozilla

Actual Results: Keeps spawning new instances of Mozilla browser

Expected Results: not let me use a script tag after the about: prefix

Problem originally attributed as an IE problem, but seems like Mozilla has it too. I know they both share their roots in NCSA Mosaic, but must we *really* replicate IE's bugs? ;)

I've flagged this as "Critical" purely on the grounds of the huge resource consumption it creates (78meg in less than a minute on my workstation). While unlikely to affect everybody, I think we should be careful what we trust in the about: prefix.
Summary: Local DoS : resource consumption due to script injection → Local DoS: resource consumption due to script injection
Certainly, a file with

<script> var i;i=0; for(;;){i++;window.open('http://www.mozilla.org','Mozilla'+i,null);} </script>

causes lots of windows to appear, but what does that have to do with "about:"?

I think this is a dup of bug 31041 (bug 38983; bug 13350)... marking as such

*** This bug has been marked as a duplicate of 31041 ***
Status: UNCONFIRMED → RESOLVED
Closed: 22 years ago
Resolution: --- → DUPLICATE