[Full-Disclosure] New Microsoft Internet Explorer mshtml.dll Denial of Service?
Steve Wray
steve.wray at paradise.net.nz
Tue Sep 2 21:16:21 BST 2003
So why is it that visiting the page directly from MSIE
from html like this;
<html>
<head>
</head>
<body>
<a href="http://www.galad.com/extras/cg/cg.htm">crash</a>
</body>
</html>
I get no crash?
But clicking through from outlook I do?
Ie; clicking from outlook = crash
clicking from IE = no crash
clicking from outlook afterward = crash
> -----Original Message-----
> From: full-disclosure-admin at lists.netsys.com
> [mailto:full-disclosure-admin at lists.netsys.com] On Behalf Of
> Tiago Halm
> Sent: Wednesday, 3 September 2003 4:37 a.m.
> To: 'Pellmann Paul'; full-disclosure at lists.netsys.com
> Subject: RE: [Full-Disclosure] New Microsoft Internet
> Explorer mshtml.dll Denial of Service?
>
>
> Paul has a point here, I believe!
>
> After a **lot** of html code "trimming" I came with an
> offline version of
> the page like this:
>
> ------------------------------------------------------
> <html>
> <body>
> <table border="0" cellspacing="0" cellpadding="0">
> <tr>
> <td><img src="http://www.galad.com/frame/e1x1.gif"
> width="1" height="1"
> alt=""></td>
> </tr>
> </table>
> </body>
> </html>
> -------------------------------------------------------
>
> and this piece of code does crash my browser (6.0.2800.1106)
> on windows 2000 server all patches and fixes up to date.
>
> NOTE: Every time you **want** the browser to crash, you must
> delete it from
> the "Temporary Internet Files" before loading it in your browser.
Full-Disclosure is hosted and sponsored by Secunia.