Mozilla Firefox 3.0.19, 3.5.x, and 3.6.x allows remote attackers to cause a denial of service (resource consumption) via JavaScript code containing an infinite loop that creates IFRAME elements for invalid (1) news:// or (2) nntp:// URIs.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Firefox | Mozilla | 3.0.19 (including) | 3.0.19 (including) |
Firefox | Mozilla | 3.5 (including) | 3.5 (including) |
Firefox | Mozilla | 3.5.1 (including) | 3.5.1 (including) |
Firefox | Mozilla | 3.5.2 (including) | 3.5.2 (including) |
Firefox | Mozilla | 3.5.3 (including) | 3.5.3 (including) |
Firefox | Mozilla | 3.5.4 (including) | 3.5.4 (including) |
Firefox | Mozilla | 3.5.5 (including) | 3.5.5 (including) |
Firefox | Mozilla | 3.5.6 (including) | 3.5.6 (including) |
Firefox | Mozilla | 3.5.7 (including) | 3.5.7 (including) |
Firefox | Mozilla | 3.5.9 (including) | 3.5.9 (including) |
Firefox | Mozilla | 3.6 (including) | 3.6 (including) |