Mozilla Firefox 3.0.19, 3.5.x, and 3.6.x allows remote attackers to cause a denial of service (resource consumption) via JavaScript code containing an infinite loop that creates IFRAME elements for invalid (1) news:// or (2) nntp:// URIs.
Software | From | Fixed in |
---|---|---|
mozilla / firefox | 3.0.19 | 3.0.19.x |
mozilla / firefox | 3.5 | 3.5.x |
mozilla / firefox | 3.5.1 | 3.5.1.x |
mozilla / firefox | 3.5.2 | 3.5.2.x |
mozilla / firefox | 3.5.3 | 3.5.3.x |
mozilla / firefox | 3.5.4 | 3.5.4.x |
mozilla / firefox | 3.5.5 | 3.5.5.x |
mozilla / firefox | 3.5.6 | 3.5.6.x |
mozilla / firefox | 3.5.7 | 3.5.7.x |
mozilla / firefox | 3.5.9 | 3.5.9.x |
mozilla / firefox | 3.6 | 3.6.x |