0DAY Firefox Remote Code Execution and Denial of Service Vulnerability <=1.5.0.2 iframe.contentWindow.focus()

---------------------------------------------------
Software:
Firefox Web Browser
Tested:
Linux, Windows clients' version 1.5.0.2
Result:
Firefox Remote Code Execution and Denial of Service
Problem:
A handling issue exists in how Firefox handles certain Javascript in js310.dll and xpcom_core.dll
regarding iframe.contentWindow.focus(). By manipulating this feature a buffer overflow will occur.
Proof of Concept:
http://www.securident.com/vuln/ff.txt
Credits:
splices(splices [dot] org)
spiffomatic64(spiffomatic64 [dot] com)
Securident Technologies (securident [dot] com)
------------------------------------------------

Relevant Pages

  • Re: O is for Otto
    ... > Through Firefox, ... The validator says that I have tons of problems with my ... > advice so that unKNOWN Juggling looks halfway decent? ... insanimal, at leaze, dot, + as a word, dot, and then com. ...
    (rec.juggling)
  • Firefox Remote Code Execution and DoS 1.5.0.2
    ... Firefox Remote Code Execution and Denial of Service - Vendor contacted, no patch yet. ... spiffomatic64(spiffomatic64 [dot] com) ... Securident Technologies ...
    (Bugtraq)
  • Re: Eurofly?
    ... plane was half full. ... I can't manage either, just now- tried Opera, Firefox and Safari. ... She's a friend of David Mills? ... usenet davidhorne (dot) co uk ...
    (rec.travel.europe)
  • Re: firefox problem with accessing form value
    ... Does anyone know why i can't access a form element value using dot ... notation in firefox, ...
    (comp.lang.javascript)
  • Firefox Remote Code Execution and DoS 1.5.0.2
    ... Firefox crashes with SYS 3175. ... Original bugtraq post: ... spiffomatic64(spiffomatic64 [dot] com) ... Securident Technologies ...
    (comp.os.os2.bugs)