Denial of Service in Opera 7 and Netscape 7.02 Browsers

Reported April 2, 2003, by Marc Schönefeld.

 

 

VERSIONS AFFECTED

 

·         Netscape 7.02

·         Opera 7 using Sun Microsystems' Java Virtual Machine (JVM), version 1.4.1_02

 

DESCRIPTION

 

A vulnerability in Netscape 7.02 and Opera 7 Web browsers can result in a Deni

al of Service (DoS) condition.

 

DEMONSTRATION

 

As proof of concept, the discover posted the following code, which crashes the browsers when they run on Windows XP:

 

<scr1pt language="Javascript">

t = new Packages.sun.plugin.javascript.navig5.JSObject(1,1);

</scr1pt>

 

VENDOR RESPONSE

 

Netscape and Opera haven't yet responded to this concern.

 

 

CREDIT          

Discovered by Marc Schönefeld.

Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish