Security researcher Sabri Haddouche has released a new proof-of-concept attack using a malicious Javascript that can crash or freeze Mozilla Firefox when a user visits a specially designed website on the browser.
Sabri has released the source code for the series of browser bugs named Browser Reaper for Firefox versions 62.02, its earlier versions, Chrome and Safari. The researchers also added that currently there is no way to mitigate the attack. Sabri has notified the company about the PoC and Mozilla is working on a file download limitation for the browser so that the IPC channel would not be flooded by long filenames being continuously downloaded.
