RE: IE Denial of service (sorta)

["R. Toma" <rtoma () yahoo com ar>]

100% CPU in just seconds, 256 MB RAM... I didn't reached the 100%. But it
goes fast. IE6.0.2600.0000.xpclient.010817-1148; Q306121.


Which is the code for the crash.shtml and crash2.shtml ???


-----Mensaje original-----
De: zeno [mailto:zeno () cgisecurity net]
Enviado el: Martes, 04 de Diciembre de 2001 19:00
Para: incidents () securityfocus com; bugtraq () securityfocus com;
vuln-dev () securityfocus com
Asunto: IE Denial of service (sorta)



Hey

I found this months ago and though it was patched but it managed to cause
new errors
on win me with all updates on IE in kernel. On default win2k IE install it
sucks up 100 percent cpu
for half on hour(128 meg of ram).

Please click on it and tell me what happens to you.
(include version and patch info)

Its a image tag with some garbage characters in a particular order.
I haven't bothered contacting microsoft yet because I'm not sure just how
common a problem
this is, and with what patches installed.

www.cgisecurity.com/crash.shtml
also try /crash2.shtml

-zenomorph


_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com