Mozilla Firefox - Cookie Verification Denial of Service

EDB-ID:

38798


Author:

anonymous

Type:

dos


Platform:

Multiple

Date:

2013-04-04


Become a Certified Penetration Tester

Enroll in Penetration Testing with Kali Linux , the course required to become an Offensive Security Certified Professional (OSCP)

GET CERTIFIED

source: https://www.securityfocus.com/bid/62969/info

Mozilla Firefox is prone to a denial-of-service vulnerability because it fails to verify the user supplied input.

Successfully exploiting this issue will allow an attacker to inject special characters into the browser's local cookie storage, resulting in the requested website always responding with an error message which is hosted on specific web server software (like lighttpd). This will cause a denial-of-service condition.

Firefox 19 is vulnerable; other versions may also be affected.

Note: This issue was previously covered in BID 58857 (Google Chrome and Mozilla Firefox Browser Cookie Verification Security Weakness), but has been moved to its own record for better documentation. 

http://www.example.com/?utm_source=test&utm_medium=test&utm_campaign=te%05st