Closed Bug 403010 Opened 18 years ago Closed 17 years ago

Mozilla Firefox 2.0.0.9 Remote Denial of Service

Categories

(Toolkit :: View Source, defect)

1.8 Branch
x86
Windows XP
defect
Not set
critical

Tracking

()

RESOLVED WORKSFORME

People

(Reporter: myiworm, Unassigned)

References

()

Details

(Keywords: crash, testcase, Whiteboard: [sg:dos])

User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727) Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.9) Gecko/20071025 Firefox/2.0.0.9 Firefox crashed after visiting http://myiworm.com/public/exploits/firefox2/firefox_2_0_0_9-denial_of_service.html - page, contain iframe with too many 'view-source:' handlers. Reproducible: Always Steps to Reproduce: 1. firefox http://myiworm.com/public/exploits/firefox2/firefox_2_0_0_9-denial_of_service.html Actual Results: Crash.
Confirmed using the same build as the reporter. Does not happen on Mac OS, so the platform and OS is probably set right.
Severity: normal → critical
Status: UNCONFIRMED → NEW
Ever confirmed: true
Group: security
Group: security
Keywords: testcase
Whiteboard: [sg:dos]
Doesn't crash current trunk on Windows Talkback ID for crash: TB37875316M (Fx 2.0.0.7) Incident ID: 37875316 Stack Signature ntdll.dll + 0xeddc (0x7c90eddc) abf98e47 Product ID Firefox2 Build ID 2007091417 Trigger Time 2007-11-08 20:58:21.0 Platform Win32 Operating System Windows NT 5.1 build 2600 Module ntdll.dll + (0000eddc) URL visited User Comments Bug 403010 Since Last Crash 69900 sec Total Uptime 69900 sec Trigger Reason Stack overflow Source File, Line No. N/A Stack Trace ntdll.dll + 0xeddc (0x7c90eddc) msvcrt.dll + 0x1c3c9 (0x77c2c3c9) msvcrt.dll + 0x1c3e7 (0x77c2c3e7) msvcrt.dll + 0x1c42e (0x77c2c42e) nsStringBuffer::Alloc [mozilla/xpcom/string/src/nsSubstring.cpp, line 205] nsCSubstring::Assign [mozilla/xpcom/string/src/nsTSubstring.cpp, line 306] nsCSubstring::Assign [mozilla/xpcom/string/src/nsTSubstring.cpp, line 367] net_ExtractURLScheme [mozilla/netwerk/base/src/nsURLHelper.cpp, line 463] nsIOService::ExtractScheme [mozilla/netwerk/base/src/nsIOService.cpp, line 447] nsViewSourceHandler::NewURI [mozilla/netwerk/protocol/viewsource/src/nsViewSourceHandler.cpp, line 89] nsIOService::NewURI [mozilla/netwerk/base/src/nsIOService.cpp, line 482] nsViewSourceHandler::NewURI [mozilla/netwerk/protocol/viewsource/src/nsViewSourceHandler.cpp, line 89] nsIOService::NewURI [mozilla/netwerk/base/src/nsIOService.cpp, line 482] ...
Keywords: crash
Version: unspecified → 2.0 Branch
Current update (2.0.0.10): Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.10) Gecko/20071115 Firefox/2.0.0.10 firefox http://myiworm.com/public/exploits/firefox2/firefox_2_0_0_9-denial_of_service.html Actual Results: Crash.
Product: Firefox → Toolkit
no crash with FF3.02 on vista Can you please retest with a current Firefox ?
Mozilla/5.0 (Windows; U; Windows NT 5.1; ru; rv:1.8.1.20) Gecko/20081217 4.0 (compatible; MSIE 7.0; Windows NT 6.0) ff2: http://myiworm.com/public/exploits/firefox2/firefox_2_0_0_9-denial_of_service_2.html Actual Results: Crash.
ff2 is not current and FF2 is no longer supported BTW: why is a simple crash an exploit ? That's really misleading, there are many ways to crash or hang every browser. The testcase is wfm with Seamonkey 1.9.1 branch and Firefox 3.0.6, marking worksforme
Status: NEW → RESOLVED
Closed: 17 years ago
Resolution: --- → WORKSFORME
You need to log in before you can comment on or make changes to this bug.