I am about to show a vulnerability in latest Firefox version 22 browser .
Basically this version of browser can deny service (DOS) to the user when it loads a webpage which contains the crafted java script.in it.
It is a simple old function which is not adviced to use in the web application but unfortunately the latest version on the firefox which launched on 24th June 2013 is a victim to it.
Not sure whether someone can write this to a MSF exploit hope we see that soon.
The web page containing the following code will crash the firefox browser v21 and v22 on Win 7, xp sp3.
Test it on your own risk.
When Running on XP SP3 the Firefox takes 100% CPU usage
No comments:
Post a Comment