Maxthon Browser 2.1.4.443 UNICODE Remote Denial of Service PoC
Title: Maxthon Browser 2.1.4.443 UNICODE Remote Denial of Service PoC
Advisory ID: ZSL-2008-4897
Type: Local/Remote
Impact: DoS
Risk: (4/5)
Release Date: 11.09.2008
[2] http://www.packetstormsecurity.org/filedesc/maxthon-dos.txt.html
[3] http://www.securityfocus.com/bid/31098
Web: http://www.zeroscience.mk
e-mail: lab@zeroscience.mk
Advisory ID: ZSL-2008-4897
Type: Local/Remote
Impact: DoS
Risk: (4/5)
Release Date: 11.09.2008
Summary
Maxthon Browser is a powerful tabbed browser built for all users. Besides basic browsing functionality, Maxthon Browser provides a rich set of features to improve your surfing experience.Description
Maxthon Browser is prone to a denial-of-service vulnerability. An attacker may exploit this issue by enticing victims into opening a maliciously crafted webpage. Successfully exploiting this issue will allow the attacker to crash the application, denying service to legitimate users.Vendor
Maxthon International Ltd - http://www.maxthon.comAffected Version
2.1.4.443 UNICODETested On
Microsoft Windows XP Professional SP2 (English)Vendor Status
N/APoC
maxthon_dos.htmlCredits
Vulnerability discovered by Gjoko Krstic - <gjoko@zeroscience.mk>References
[1] http://www.milw0rm.com/exploits/6434[2] http://www.packetstormsecurity.org/filedesc/maxthon-dos.txt.html
[3] http://www.securityfocus.com/bid/31098
Changelog
[11.09.2008] - Initial releaseContact
Zero Science LabWeb: http://www.zeroscience.mk
e-mail: lab@zeroscience.mk
