-----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 --------------------------------------------------- | BuHa Security-Advisory #8 | Feb 15th, 2006 | --------------------------------------------------- | Vendor | Mozilla Firefox | | URL | http://www.mozilla.com/firefox/ | | Version | <= 1.0.7 | | Risk | Low (DoS - Null Pointer Dereference) | --------------------------------------------------- This issue was originally (?) discovered by Yuan Qi who posted it on Bugzilla [1] on 11th November 2004 [2]. I rediscovered this vulnerability on 1st October 2005 and reported it several weeks later to the Mozilla Software Foundation [3] because I did not find any advisory or bugzilla post about this problem.. I decided to release an advisory about this DoS vulnerability, even though it's an old issue. o Description: ============= The award-winning Web browser is better than ever. Browse the Web with confidence - Firefox protects you from viruses, spyware and pop-ups. Enjoy improvements to performance, ease of use and privacy. Visit http://www.mozilla.com/firefox/ for detailed information. o Denial of Service: =================== Following HTML code forces Firefox to crash: >
>