Back to list
DoS vulnerabilities in Firefox, Internet Explorer, Opera and Chrome
Jul 19 2009 05:32PM
MustLive (mustlive websecurity com ua)
RE: DoS vulnerabilities in Firefox, Internet Explorer, Opera and Chrome
Jul 20 2009 07:16PM
Jeremiah Gowdy (Jeremiah Gowdy freedomvoice com)
I've tested this DoS on Internet Explorer 8, does not significantly impact my system.
From: MustLive [mailto:mustlive (at) websecurity.com (dot) ua [email concealed]]
Sent: Sunday, July 19, 2009 10:33 AM
To: bugtraq (at) securityfocus (dot) com [email concealed]
Subject: DoS vulnerabilities in Firefox, Internet Explorer, Opera and Chrome
I want to warn you about Denial of Service vulnerabilities in Firefox,
Internet Explorer, Opera and Chrome.
Recently buffer overflow vulnerability in Mozilla Firefox 3.5 was found by
Andrew Haynes and Simon Berry-Byrne (http://websecurity.com.ua/3337/). After
I checked at 16.07.2009 this vulnerability in different browsers, I found
that this Denial of Service vulnerability also exists in Firefox 3.0.11,
Internet Explorer 6 and Opera 9.52 (and later also in Chrome 2.0.172).
With this exploit Firefox crashes, IE6 consumes resources of CPU and RAM,
Opera freezes at that consumes resources of CPU and RAM, and Chrome crashes.
Vulnerable version is Mozilla Firefox 3.0.11 and previous versions (and also
Vulnerable version is Internet Explorer 6 (6.0.2900.2180) and previous
versions. And potentially next versions (IE7 and IE8).
Vulnerable version is Opera 9.52 and previous versions (and potentially next
Vulnerable version is Google Chrome 2.0.172 and previous versions. At that
Google Chrome 22.214.171.124 is not vulnerable - it's possible that vulnerable
is only Chrome 2.x.
I mentioned about this vulnerability at my site
Best wishes & regards,
Administrator of Websecurity web site
[ reply ]
Copyright 2010, SecurityFocus