User-Agent: Mozilla/5.0 (X11; U; Linux i686; it-IT; rv:1.7.8) Gecko/20050524 Fedora/1.0.4-4 Firefox/1.0.4 Build Identifier: Mozilla/5.0 (X11; U; Linux i686; it-IT; rv:1.7.8) Gecko/20050524 Fedora/1.0.4-4 Firefox/1.0.4 Opening a proper html page generated from javaprxy exploit code (see FrSIRT/ADV-2005-0935 - IE related exploit), Firefox starts eating cpu cycles and ram memory taking the system to be heavily unusable. Reproducible: Always Steps to Reproduce: 1. Go to: http://www.frsirt.com/exploits/20050702.iejavaprxyexploit.pl.php 2. Download the perl file and run it to generate a proper html file which contains the exploit 3. Open it with Firefox Actual Results: Firefox was not responsive anymore and operating system wasn't too. Expected Results: I expected a page reporting this statement : Microsoft Internet Explorer javaprxy.dll COM Object Remote Exploit by the FrSIRT < http://www.frsirt.com > Solution http://www.frsirt.com/english/advisories/2005/0935 I had to open a shell to kill the process to restore, but I could not prove if the exploit opened a port on my system. Neither I could understand if this issue strictly depends on Firefox or Java or Linux itself. So I really don't know if this is a security issue or not. I'm just reporting, sure that someone here will clarify what I've just experienced. Many thanks for your great work !

No real point in the confidential flag if you've gotten the information from a public website. *** This bug has been marked as a duplicate of 299564 ***