[Full-disclosure] Computer TerrorismSecurity Advisory (Reclassification)- Microsoft Internet Explorer JavaScript Window() Vulnerability
Leif Sawyer
lsawyer at gci.com
Mon Nov 21 19:54:31 GMT 2005
Happy Top-post Monday. :-)
Running:
Mandriva 2006 2.6.13.4 SMP
Firefox 1.5b2 (with no plugins)
Succombs immediately with no output. A click on the close-app 'X'
brings up the window-manager kill screen for unresponsive
applications.
Mozilla 1.7.11 (20050729) (with no plugins)
Seems to also succomb, but it does slowly start to render some
strange characters.
Application doesn't respond to close-window, but a click on the
close-app 'X'
brings up the window-manager kill screen for unresponsive
applications.
> -----Original Message-----
> From: full-disclosure-bounces at lists.grok.org.uk
> [mailto:full-disclosure-bounces at lists.grok.org.uk] On Behalf
> Of Michael Holstein
> Sent: Monday, November 21, 2005 10:02 AM
> To: securityadvisory
> Cc: full-disclosure at lists.grok.org.uk
> Subject: Re: [Full-disclosure] Computer TerrorismSecurity
> Advisory (Reclassification)- Microsoft Internet Explorer
> JavaScript Window() Vulnerability
>
> > Is it just me or did this exploit just DOS'ed my Firefox
> 1.0.7(Debian
> > Linux).
>
> No. It's not just you.
>
> Confirmed the same on Slackware (2.6.11 kernel) and WinXP.
> Both running Firefox 1.07 binary for their respective platform.
>
> Wonder how long till I start seeing banner ads with this code ;)
>
> Regards,
>
> Michael Holstein CISSP GCIA
> Cleveland State University
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
Full-Disclosure is hosted and sponsored by Secunia.