Ronald sent us a PoC DoS exploit, which uses the recently discussed Firefox 220.127.116.11 image issue.
One possible workaround is to turn off automatic startup of your e-mai application in Firefox. To do so, enter in the URL bar: about:config . This will show a long list of configuration options. Search for 'warn-external.mailto' (e.g. use the 'Filter' option). By default, this value should be set to "false". Click on the line to toggle it to "true" (it will be bold if it is not set to the default).
Now, whenever you click on a mailto: link, you will first be asked if you would like to start your e-mail application. In the case of the exploit this will keep your system responsive, even though you may still have to click on all the dialogs.
For more details and a link to a PoC, see securityview.org I will be teaching next: Intrusion Detection In-Depth - SANS Las Vegas Spring 2020
May 11th 2006
1 decade ago