Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
If you have some interesting news or want to throw up a link to discuss it, here's the place. Anything is okay, even shameless vendor launches (since that is often applicable to what we work on). 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
Mozilla Firefox 3.6 (memory corruption) Denial Of Service
Posted by: Crux
Date: February 24, 2010 12:57AM

[-] Date: February 24, 2010.
[-] Discovered by: Crux
[-] Exploit name: Mozilla Firefox 3.6 (memory corruption) Denial Of Service
[-] Tested on: 3.6 (latest)
================================================== ====

[-] PoC:
This certain vulnerability in Firefox 3.6 causes a denial of service. This happens when Firefox is forced to handle a long series of unclosed (improper) html code, such as, the marquee; which leads to memory corruption.

[~] Example: // Copy/paste and save the the following coding as poc.html, open in Firefox 3.6 //

http://crux.pastebin.com/abPSW6YF

================================================== ====


Would really appreciate if rsnake would help me spread it by blogging about it or mentioning it in a post.

Options: ReplyQuote
Re: Mozilla Firefox 3.6 (memory corruption) Denial Of Service
Posted by: SAS
Date: March 01, 2010 04:09PM

Wow the ol' marquee bug rears it's head again!

Options: ReplyQuote
Re: Mozilla Firefox 3.6 (memory corruption) Denial Of Service
Posted by: 599eme Man
Date: March 02, 2010 11:38AM

...

You're stupid ? Why you steel ?

http://www.exploit-db.com/exploits/11347 => Mine

I've discovered it there are a long 4 month... And some stupid guys like you code another PoC and put there name... I've send message to delete you stupid rip.

Options: ReplyQuote
Re: Mozilla Firefox 3.6 (memory corruption) Denial Of Service
Posted by: sirdarckcat
Date: March 04, 2010 03:30AM

he steels because he is steelman!


--------------------------------
http://sirdarckcat.blogspot.com/ http://www.sirdarckcat.net/ http://foro.elhacker.net/ http://twitter.com/sirdarckcat

Options: ReplyQuote
Re: Mozilla Firefox 3.6 (memory corruption) Denial Of Service
Posted by: Gareth Heyes
Date: March 04, 2010 04:11AM

Can we rename him? That would be awesome or maybe a static signature

------------------------------------------------------------------------------------------------------------
"People who say it cannot be done should not interrupt those who are doing it.";
labs : [www.businessinfo.co.uk]
blog : [www.thespanner.co.uk]
Hackvertor : [hackvertor.co.uk]

Options: ReplyQuote
Re: Mozilla Firefox 3.6 (memory corruption) Denial Of Service
Posted by: SAS
Date: March 08, 2010 06:58PM

@sirdarckcat awesome pic dude.

Options: ReplyQuote
Re: Mozilla Firefox 3.6 (memory corruption) Denial Of Service
Posted by: Lostmon
Date: April 01, 2010 08:05AM

Flock Browser 1.2.6 is also afected and flock 2.5 too :P



Edited 1 time(s). Last edit at 04/01/2010 08:23AM by Lostmon.

Options: ReplyQuote
Re: Mozilla Firefox 3.6 (memory corruption) Denial Of Service
Posted by: shazlovely
Date: May 27, 2010 05:35AM

Hard to believe that anyone (especially one who travels for a living), didn’t know that when your passport runs out of pages…..you get more pages..period.  Any Embassy or Consulate will (usually) do it while you wait abroad.  You never get a new passport until your old one expires, is lost or damaged.  Or cissp was the article just that more interesting with your particular slant?



Edited 1 time(s). Last edit at 05/27/2010 07:02AM by Gareth Heyes.

Options: ReplyQuote
Re: Mozilla Firefox 3.6 (memory corruption) Denial Of Service
Posted by: Gareth Heyes
Date: May 27, 2010 07:02AM

Anyone else find this spam stupidly funny? If not I'll remove it

------------------------------------------------------------------------------------------------------------
"People who say it cannot be done should not interrupt those who are doing it.";
labs : [www.businessinfo.co.uk]
blog : [www.thespanner.co.uk]
Hackvertor : [hackvertor.co.uk]

Options: ReplyQuote
Re: Mozilla Firefox 3.6 (memory corruption) Denial Of Service
Posted by: thrill
Date: May 27, 2010 07:27AM

I find it humorous that we're not being blocked by Pakistan.. guess we have to have a prophet drawing contest for that to happen.. :)

--thrill

---

It is not the degrees you hold, but the mind you possess. - thrill

Options: ReplyQuote
Re: Mozilla Firefox 3.6 (memory corruption) Denial Of Service
Posted by: Skyphire
Date: May 27, 2010 11:21AM

@trill.


Options: ReplyQuote


Sorry, only registered users may post in this forum.