[Full-Disclosure] Large picture wudth DoS on MS Internet Explorer/Outlook Express
3APA3A
3APA3A at SECURITY.NNOV.RU
Thu Aug 12 15:43:47 BST 2004
This issue was originaly reported in January, 2000
http://www.security.nnov.ru/2000/january/#IEIMAGE
And was reported to Microsoft. Microsoft didn't accepted this bug as
security related but promised to "file a bug report with IE team".
http://www.security.nnov.ru/2000/january/ie5img2.html
Message to Bugtraq was moderated by Aleph One as unimportant, so
publicly information was published one year later on vuln-dev.
http://cert.uni-stuttgart.de/archive/vuln-dev/2001/06/msg00094.html
and published as advisory
http://www.security.nnov.ru/advisories/ie5freeze.asp?l=RU
Nobody reacted.
Amount of buzz about it now makes me think Internet Explorer security is
now really better than it was 4 years ago :)
--
http://www.security.nnov.ru
/\_/\
{ , . } |\
+--oQQo->{ ^ }<-----+ \
| ZARAZA U 3APA3A } You know my name - look up my number (The Beatles)
+-------------o66o--+ /
|/
Full-Disclosure is hosted and sponsored by Secunia.