Closed
Bug 403010
Opened 17 years ago
Closed 15 years ago
Mozilla Firefox 2.0.0.9 Remote Denial of Service
Categories
(Toolkit :: View Source, defect)
Tracking
()
RESOLVED
WORKSFORME
People
(Reporter: myiworm, Unassigned)
References
()
Details
(Keywords: crash, testcase, Whiteboard: [sg:dos])
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727) Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.9) Gecko/20071025 Firefox/2.0.0.9 Firefox crashed after visiting http://myiworm.com/public/exploits/firefox2/firefox_2_0_0_9-denial_of_service.html - page, contain iframe with too many 'view-source:' handlers. Reproducible: Always Steps to Reproduce: 1. firefox http://myiworm.com/public/exploits/firefox2/firefox_2_0_0_9-denial_of_service.html Actual Results: Crash.
Comment 1•17 years ago
|
||
Confirmed using the same build as the reporter. Does not happen on Mac OS, so the platform and OS is probably set right.
Severity: normal → critical
Status: UNCONFIRMED → NEW
Ever confirmed: true
Updated•17 years ago
|
Group: security
Updated•17 years ago
|
Group: security
Comment 2•17 years ago
|
||
Doesn't crash current trunk on Windows Talkback ID for crash: TB37875316M (Fx 2.0.0.7) Incident ID: 37875316 Stack Signature ntdll.dll + 0xeddc (0x7c90eddc) abf98e47 Product ID Firefox2 Build ID 2007091417 Trigger Time 2007-11-08 20:58:21.0 Platform Win32 Operating System Windows NT 5.1 build 2600 Module ntdll.dll + (0000eddc) URL visited User Comments Bug 403010 Since Last Crash 69900 sec Total Uptime 69900 sec Trigger Reason Stack overflow Source File, Line No. N/A Stack Trace ntdll.dll + 0xeddc (0x7c90eddc) msvcrt.dll + 0x1c3c9 (0x77c2c3c9) msvcrt.dll + 0x1c3e7 (0x77c2c3e7) msvcrt.dll + 0x1c42e (0x77c2c42e) nsStringBuffer::Alloc [mozilla/xpcom/string/src/nsSubstring.cpp, line 205] nsCSubstring::Assign [mozilla/xpcom/string/src/nsTSubstring.cpp, line 306] nsCSubstring::Assign [mozilla/xpcom/string/src/nsTSubstring.cpp, line 367] net_ExtractURLScheme [mozilla/netwerk/base/src/nsURLHelper.cpp, line 463] nsIOService::ExtractScheme [mozilla/netwerk/base/src/nsIOService.cpp, line 447] nsViewSourceHandler::NewURI [mozilla/netwerk/protocol/viewsource/src/nsViewSourceHandler.cpp, line 89] nsIOService::NewURI [mozilla/netwerk/base/src/nsIOService.cpp, line 482] nsViewSourceHandler::NewURI [mozilla/netwerk/protocol/viewsource/src/nsViewSourceHandler.cpp, line 89] nsIOService::NewURI [mozilla/netwerk/base/src/nsIOService.cpp, line 482] ...
Keywords: crash
Version: unspecified → 2.0 Branch
Current update (2.0.0.10): Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.10) Gecko/20071115 Firefox/2.0.0.10 firefox http://myiworm.com/public/exploits/firefox2/firefox_2_0_0_9-denial_of_service.html Actual Results: Crash.
Assignee | ||
Updated•16 years ago
|
Product: Firefox → Toolkit
Comment 4•16 years ago
|
||
no crash with FF3.02 on vista Can you please retest with a current Firefox ?
Mozilla/5.0 (Windows; U; Windows NT 5.1; ru; rv:1.8.1.20) Gecko/20081217 4.0 (compatible; MSIE 7.0; Windows NT 6.0) ff2: http://myiworm.com/public/exploits/firefox2/firefox_2_0_0_9-denial_of_service_2.html Actual Results: Crash.
Comment 6•15 years ago
|
||
ff2 is not current and FF2 is no longer supported BTW: why is a simple crash an exploit ? That's really misleading, there are many ways to crash or hang every browser. The testcase is wfm with Seamonkey 1.9.1 branch and Firefox 3.0.6, marking worksforme
Status: NEW → RESOLVED
Closed: 15 years ago
Resolution: --- → WORKSFORME
You need to log in
before you can comment on or make changes to this bug.
Description
•