Bug 109580 - www-client/mozilla-firefox: DoS weakness + exploit
Status: RESOLVED UPSTREAM
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: New packages
Hardware: All Linux
Importance: High normal
Assignee: Mozilla Gentoo Team
Duplicates: 109778
Reported: 2005-10-17 08:35 UTC by Carsten Lohrke (RETIRED)
Modified: 2006-07-30 06:38 UTC
Description Carsten Lohrke (RETIRED) gentoo-dev 2005-10-17 08:35:59 UTC
Tom Ferris has discovered a weakness in Firefox, which can be exploited by
malicious people to cause a DoS (Denial of Service).

The weakness is caused due to an error in the handling of overly large size
attributes in the "Iframe" tag. This can be exploited to crash a vulnerable
browser via a specially crafted "Iframe" tag on a malicious web site.

The weakness has been confirmed in version 1.0.7 on Fedora Core 4 (Linux). Other
versions and platforms may also be affected.

NOTE: The vendor has concluded that the weakness is caused due to an infinite
recursion which causes a stack overflow, which only can be exploited to crash a
vulnerable browser and cannot be exploited for code execution.

http://secunia.com/advisories/17071/


milw0rm.com have released proof of concept code for a denial of service exploit
which apparently affects all versions of the Mozilla Foundation's popular Firefox
browser from version 1.0.7 downward (For the dim this INCLUDES Firefox 1.0.7).
If this exploit has made it out into, or indeed been retrieved from, the wild is
unknown at this time. However it is clear that this exploit will indeed need
patching as soon as possible - it does cause a nasty software loop/crash.

http://www.whitedust.net/newsview.php?NewsID=1432
Comment 1 Thierry Carrez (RETIRED) gentoo-dev 2005-10-17 08:58:26 UTC
We usually do not consider client DoS as vulnerabilities. There is "Service" in
Denial of Service and I can't think of a service you miss by crashing while
visiting some evil web page. My take on this is to let the fix filter from FF's usual
updates.
Comment 2 Carsten Lohrke (RETIRED) gentoo-dev 2005-10-17 16:14:08 UTC
Right, I was a bit quick with this.
Comment 3 Carsten Lohrke (RETIRED) gentoo-dev 2005-10-19 05:55:55 UTC
*** Bug 109778 has been marked as a duplicate of this bug. ***
Comment 4 Stuart Longland (RETIRED) gentoo-dev 2006-07-30 06:38:42 UTC
This has been fixed upstream.

https://bugzilla.mozilla.org/show_bug.cgi?id=303433