CVE-2009-1828

Firefox - Denial of Service via KEYGEN Element with Automatic Refresh

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2009-1828. PoCs published by Thierry Zoller.

AI-analyzed exploit summary This exploit demonstrates a denial-of-service (DoS) vulnerability in Firefox by leveraging the KEYGEN tag to create an endless loop when combined with a JavaScript onload event. The loop causes the browser to become unresponsive and leak memory.

Description

Mozilla Firefox 3.0.10 allows remote attackers to cause a denial of service (infinite loop, application hang, and memory consumption) via a KEYGEN element in conjunction with (1) a META element specifying automatic page refresh or (2) a JavaScript onLoad event handler for a BODY element. NOTE: it was later reported that earlier versions are also affected.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Thierry Zoller · textdosmultiple

https://www.exploit-db.com/exploits/8822

View Code ZIP pw:eip

This exploit demonstrates a denial-of-service (DoS) vulnerability in Firefox by leveraging the KEYGEN tag to create an endless loop when combined with a JavaScript onload event. The loop causes the browser to become unresponsive and leak memory.

Classification

Working Poc 100%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Firefox 3.0.10 (Windows) and likely all versions supporting the KEYGEN tag

No auth needed

Prerequisites: A target running a vulnerable version of Firefox · Ability to deliver the malicious HTML page to the target

MITRE ATT&CK