Full Disclosure mailing list archives
RE: Revisited Internet Explorer 6 DoS Bug
From: "Simon Lorentsen" <s.lorentsen () box-smart net>
Date: Tue, 8 Jul 2003 21:24:37 +0100
Peter, Just out of curiosity I tried it, nothing, not a bean, however I am open to the other bug. Sincerely yours, Simon Lorentsen -----Original Message----- From: full-disclosure-admin () lists netsys com [mailto:full-disclosure-admin () lists netsys com] On Behalf Of Peter Kruse Sent: 08 July 2003 20:12 To: full-disclosure () lists netsys com Subject: [Full-disclosure] Revisited Internet Explorer 6 DoS Bug Hi all, The problem is surely related to the serial communication ports. It can also, besides from the AUX call, be reproduced with a file:///c:/com1 or file:///c:/com2 and so on ;-) It´s possible to remotely DoS a browser this way. I´ve recieved several reports, that this issue affects many other browsers, and can cause Mcirosoft Windows to completely crash. I have put up a new testpage using a simple: <img src=file:///c:/com1> at: http://www.krusesecurity.dk/com1_dos.htm [Don´t go there unless you really want to!] This attack can also be conducted with HTML based e-mails. Med venlig hilsen // Kind regards Peter Kruse Kruse Security http://www.krusesecurity.dk _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Attachment:
smime.p7s
Description:
Current thread:
- RE: Internet Explorer 6 DoS Bug, (continued)
- RE: Internet Explorer 6 DoS Bug Richard M. Smith (Jul 08)
- Re: Internet Explorer 6 DoS Bug M. Osten (Jul 07)
- Re: Internet Explorer 6 DoS Bug Dimitri Limanovski (Jul 07)
- Re: Internet Explorer 6 DoS Bug golddog (Jul 07)
- Re: Internet Explorer 6 DoS Bug Karl DeBisschop (Jul 07)
- Re: Internet Explorer 6 DoS Bug Brett Hutley (Jul 07)
- Re: Internet Explorer 6 DoS Bug Sebastian Niehaus (Jul 08)
- Re: Internet Explorer 6 DoS Bug Spiro Trikaliotis (Jul 08)
- Re: Internet Explorer 6 DoS Bug madsaxon (Jul 08)
- Revisited Internet Explorer 6 DoS Bug Peter Kruse (Jul 08)
- RE: Revisited Internet Explorer 6 DoS Bug Simon Lorentsen (Jul 08)
- Re: Internet Explorer 6 DoS Bug Karl DeBisschop (Jul 07)
- The IE6 bug is nothing new... Justin Shin (Jul 07)
- Re: Internet Explorer 6 DoS Bug:add COM[n] ^Herman^ (Jul 14)
- Re: [Internet Explorer] 6 DoS Bug Jim Race (Jul 08)