Full Disclosure mailing list archives
SV: Internet Explorer 6 DoS Bug
From: "Peter Kruse" <kruse () krusesecurity dk>
Date: Tue, 8 Jul 2003 09:00:26 +0200
Hi, This is really scary! This can be exploited remotely in several ways. I have succesfully DoS´ed several machines using a simple <img src=c:\aux> in a HTML page. In order to test this remotely I have put up a POC page that can be accessed here: http://www.krusesecurity.dk/aux_dos.htm. If your browser crash you´re vulnerable to a remote DoS using the ooold aux trick. HTML based e-mails will also crash already vulnerable systems. If a system is vulnerable this DoS can be succesfully conducted in many ways. Med venlig hilsen // Kind regards Peter Kruse Kruse Security http://www.krusesecurity.dk -----Oprindelig meddelelse----- Fra: full-disclosure-admin () lists netsys com [mailto:full-disclosure-admin () lists netsys com] På vegne af Richard M. Smith Sendt: 8. juli 2003 01:40 Til: 'Dan Williams'; full-disclosure () lists netsys com Emne: RE: [Full-Disclosure] Internet Explorer 6 DoS Bug Does an HTML IMG tag like <img src=c:\aux> also cause a crash? This kind of tag can be embedded in an HTML email message. If the bug shows up also in an IMG tag, then an Email reader like Outlook or Outlook Express can be DoSed. Ditto for Hotmail and Yahoo mail. Richard _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: Internet Explorer 6 DoS Bug, (continued)
- RE: Internet Explorer 6 DoS Bug Eduardo Reis (Jul 07)
- Re: Internet Explorer 6 DoS Bug bacano (Jul 07)
- Re: Internet Explorer 6 DoS Bug Dimitri Limanovski (Jul 07)
- Re: Internet Explorer 6 DoS Bug pez dude (Jul 07)
- Re: Internet Explorer 6 DoS Bug Blue Boar (Jul 07)
- Re: Internet Explorer 6 DoS Bug Troy (Jul 07)
- RE: Internet Explorer 6 DoS Bug Simon Lorentsen (Jul 07)
- Re: Internet Explorer 6 DoS Bug Dan Williams (Jul 07)
- RE: Internet Explorer 6 DoS Bug Richard M. Smith (Jul 07)
- RE: Internet Explorer 6 DoS Bug Justin Shin (Jul 07)
- SV: Internet Explorer 6 DoS Bug Peter Kruse (Jul 08)
- RE: Internet Explorer 6 DoS Bug Richard M. Smith (Jul 08)
- Re: Internet Explorer 6 DoS Bug Blue Boar (Jul 07)
- RE: Internet Explorer 6 DoS Bug Eduardo Reis (Jul 07)
- Re: Internet Explorer 6 DoS Bug M. Osten (Jul 07)
- Re: Internet Explorer 6 DoS Bug Karl DeBisschop (Jul 07)
- Re: Internet Explorer 6 DoS Bug Brett Hutley (Jul 07)
- Re: Internet Explorer 6 DoS Bug Sebastian Niehaus (Jul 08)
- Re: Internet Explorer 6 DoS Bug Spiro Trikaliotis (Jul 08)
- Re: Internet Explorer 6 DoS Bug madsaxon (Jul 08)
- Revisited Internet Explorer 6 DoS Bug Peter Kruse (Jul 08)