Mozilla Foundation Security Advisory 2014-20

onbeforeunload and Javascript navigation DOS

Announced

March 18, 2014

Reporter

Tim Philipp Schäfers, Sebastian Neef

Impact

Low

Products

Firefox, SeaMonkey

Fixed in

Firefox 28
SeaMonkey 2.25

Description

Security researchers Tim Philipp Schäfers and Sebastian Neef, the team of Internetwache.org, reported a mechanism using JavaScript onbeforeunload events with page navigation to prevent users from closing a malicious page's tab and causing the browser to become unresponsive. This allows for a denial of service (DOS) attack due to resource consumption and blocks the ability of users to exit the application.

References

hanging tab allows attackers to execute JS for a long time in the background, user is not able to close firefox normal (CVE-2014-1500)

Firefox for Desktop

Firefox for Android

Firefox for iOS

Firefox Focus

Privacy Promise

Firefox Blog

Release Notes

Mozilla Monitor

Facebook Container

Pocket

Mozilla VPN

Product Promise

Firefox Relay

MDN Plus

Mozilla Manifesto

Mozilla Foundation

Get involved

Leadership

Careers

Mozilla Blog

Firefox Developer Edition

MDN Web Docs

Common Voice

Mozilla Innovation Projects

Mozilla Foundation Security Advisory 2014-20

onbeforeunload and Javascript navigation DOS

Description

References