[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Mozilla Firefox 3.6.12 Denial of Service Vulnerability

To: info@xxxxxxxxxx
Subject: Re: Mozilla Firefox 3.6.12 Denial of Service Vulnerability
From: Michal Zalewski <lcamtuf@xxxxxxxxxxx>
Date: Wed, 24 Nov 2010 10:17:24 -0800

> <body onload="location='';alert('DoS');">

Welcome to the world of browsers. You could just as easily do
"while(1) alert(1)". See:

http://code.google.com/p/browsersec/wiki/Part2#Defenses_against_disruptive_scripts

/mz

References:
- Mozilla Firefox 3.6.12 Denial of Service Vulnerability
  - From: info

Prev by Date: [eVuln.com] email XSS in SimpLISTic
Next by Date: [ MDVSA-2010:240 ] mono
Previous by thread: Mozilla Firefox 3.6.12 Denial of Service Vulnerability
Next by thread: [eVuln.com] Multiple XSS in MCG GuestBook
Index(es):
- Date
- Thread