Mozilla FireFox Sidebar Bookmark Persistent Denial Of Service Vulnerability
BID:26216
Info
Mozilla FireFox Sidebar Bookmark Persistent Denial Of Service Vulnerability
| Bugtraq ID: | 26216 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Oct 26 2007 12:00AM |
| Updated: | Oct 26 2007 10:06PM |
| Credit: | The Hacker Webzine discovered this issue. |
| Vulnerable: |
Mozilla Firefox 2.0 .8 |
| Not Vulnerable: | |
Discussion
Mozilla FireFox Sidebar Bookmark Persistent Denial Of Service Vulnerability
Mozilla Firefox is prone to a vulnerability that results in a persistent denial of service.
This issue occurs when a victim sets a malicious bookmark and then follows it.
Successful attacks will cause Firefox to stop responding to all URI requests.
NOTE: This condition persists even after the browser is restarted.
Mozilla Firefox 2.0.0.8 is vulnerable; other versions may also be affected.
Mozilla Firefox is prone to a vulnerability that results in a persistent denial of service.
This issue occurs when a victim sets a malicious bookmark and then follows it.
Successful attacks will cause Firefox to stop responding to all URI requests.
NOTE: This condition persists even after the browser is restarted.
Mozilla Firefox 2.0.0.8 is vulnerable; other versions may also be affected.
Exploit / POC
Mozilla FireFox Sidebar Bookmark Persistent Denial Of Service Vulnerability
To exploit this issue, an attacker must entice an unsuspecting user to view a maliciously crafted webpage.
The following proof-of-concept exploit is available:
To exploit this issue, an attacker must entice an unsuspecting user to view a maliciously crafted webpage.
The following proof-of-concept exploit is available:
Solution / Fix
Mozilla FireFox Sidebar Bookmark Persistent Denial Of Service Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
References
Mozilla FireFox Sidebar Bookmark Persistent Denial Of Service Vulnerability
References:
References:
- Even More Sidebar Fun! (The Hacker Webzine)
- Vendor Homepage (Mozilla Foundation)