Firefox Outlook Remote Multiple Denial Of Service.

Publicated on : 1181410111
These two scripts are dossing Microsoft Outlook, plus Firefox for free. The first one jams the screen with 1000 outlook screens by exploiting the "mailto: tag" in an iframe, making it impossible to work and click them away. The seconds jams the screen with outlook news:// screens which popup in pairs so fast that my PC wasn't able to continue. Solution: I gave windows the boot while 198 outlook instances where still in memory.

Sorry these scripts are so bad I won't throw a PoC online, you can copy/paste it to try it out yourself. The coolest thing is that there is a lot of recursion that slips through Firefox, that's bad. Real bad. This could easily be exploited and possibly run shellcode on top of it through your system.

I tested Outlook 6 + Outlook 2003, probably runs everywhere.