header-logo
Suggest Exploit
vendor:
Mozilla Firefox
by:
Not specified
5.5
CVSS
MEDIUM
Denial of Service
399
CWE
Product Name: Mozilla Firefox
Affected Version From: 1.0.6
Affected Version To: 1.0.7
Patch Exists: YES
Related CWE: CVE-2005-2267
CPE: a:mozilla:firefox
Metasploit: https://www.rapid7.com/db/vulnerabilities/mfsa2008-35-cve-2008-2933/https://www.rapid7.com/db/vulnerabilities/gentoo-linux-cve-2008-2933/https://www.rapid7.com/db/vulnerabilities/suse-cve-2008-2933/https://www.rapid7.com/db/vulnerabilities/centos_linux-cve-2008-2933/
Other Scripts:
Platforms Tested: Linux
2005

Remote Denial of Service Vulnerability in Mozilla Firefox

A remote denial of service vulnerability exists in Mozilla Firefox. The vulnerability occurs when the browser handles a specially crafted IFRAME. An attacker can exploit this vulnerability to crash the application or consume excessive CPU and memory resources on affected computers.

Mitigation:

No known mitigation is available for this vulnerability. It is recommended to update to a patched version of Mozilla Firefox when available.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/15015/info

Mozilla Firefox is prone to a remote denial of service vulnerability.

The vulnerability presents itself when an affected browser handles a specially crafted IFRAME.

A successful attack may result in crashing the application, or consuming excessive CPU and memory resources of computers running the affected application.

It should be noted that this issue was reported to affect Firefox 1.0.6 and 1.0.7 running on Linux. Other versions running on different platforms may be vulnerable as well.

IFRAME WIDTH=33333333

Navigation

Suggest Exploit

Services By CQR