Bugtraq mailing list archives
Microsoft IE iframe src DoS already reported to Microsoft
From: "'ken'@FTU" <ken () ftusecurity com>
Date: Thu, 08 Apr 2004 13:46:20 -0400
Security Professionals, On Wednesday, April 7, 2004, Emmanouel Kellinis reported to Bugtraq that the following HTML tag would cause IE to crash: <iframe src="?"> Please see post: http://www.securityfocus.com/archive/1/359767/2004-04-05/2004-04-11/0 I discovered this bug in January 2004 and reported it to Microsoft on January 28, 2004. After working with Microsoft, I decided to wait until the bug was fixed before announcing it. In my opinion, this is part of responsible disclosure. I hope Microsoft will publicly reply to this post and confirm that I was the individual who originally reported the bug to them. 'ken'@FTU -- ==================================== http://www.ftusecurity.com Serving Straight HTML Since '02 ====================================
Current thread:
- Microsoft IE iframe src DoS already reported to Microsoft 'ken'@FTU (Apr 08)
- Re: Microsoft IE iframe src DoS already reported to Microsoft Valdis . Kletnieks (Apr 08)