Full Disclosure mailing list archives
Mozilla Multiple Product JavaScript Issue
From: Kurczaba Associates Advisories <advisories () kurczaba com>
Date: Tue, 28 Jun 2005 16:21:26 -0400
Mozilla Multiple Product JavaScript Issue http://www.kurczaba.com/html/security/0506241.htm ------------------------------------------------- Vendor: Mozilla (http://www.mozilla.org) Vulnerable Software: Mozilla 1.7.8 Firefox 1.0.4 Camino 0.8.4 Vulnerability/Exploit:By using a specially crafted JavaScript function, it is possible to crash the above named browsers. The script can be executed both with and without user intervention.
Proof of Concept: Manual: http://www.kurczaba.com/html/security/0506241_poc.htm Automatic: http://www.kurczaba.com/html/security/0506241_poc2.htm Workaround: Disable JavaScript Date Discovered: June 14, 2005 Severity: Low Credit: Paul Kurczaba _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Mozilla Multiple Product JavaScript Issue Kurczaba Associates Advisories (Jun 28)
- Re: Mozilla Multiple Product JavaScript Issue evilninja (Jun 29)