Re: [Full-disclosure] Firefox 2.0.0.3 DoS crash

---

• From: ascii <ascii@xxxxxxxxxxxx>
• Date: Fri, 20 Apr 2007 21:25:02 +0200

---

carl hardwick wrote:

Firefox 2.0.0.3 DoS crash
PoC:
chrome://pippki/content/editcacert.xul
chrome://pippki/content/editemailcert.xul
chrome://pippki/content/editsslcert.xul

hi carl, i think this was already known and publicly aviable

http://kb.mozillazine.org/Dev_:_Firefox_Chrome_URLs

search for "Crashes browser when opened"

i read about it on some blogs prior your publication on FD

List of Chrome URLs in Firefox
Thursday, August 17, 2006
http://rajatswarup.blogspot.com/2006/08/list-of-chrome-urls-in-firefox.html

Firefox Chrome Crash
Saturday, April 14, 2007
http://exploit.blogosfere.it/2007/04/firefox-chrome-crash.html

regards,
Francesco `ascii` Ongaro
http://www.ush.it/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

---

• References:
  • [Full-disclosure] Firefox 2.0.0.3 DoS crash
    • From: carl hardwick

• Prev by Date: Re: [Full-disclosure] Firefox 2.0.0.3 DoS crash
• Next by Date: Re: [Full-disclosure] ShortNotes : Stack Smashing with GCC4
• Previous by thread: Re: [Full-disclosure] Firefox 2.0.0.3 DoS crash
• Next by thread: [Full-disclosure] US State department rooted by 0-day Word attack
• Index(es):
  • Date
  • Thread

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > Full-Disclosure  > 2007-04