IMPORTANT FOLLOW UP ie6 input overflow

["Philip Wagenaar" <PB.Wagenaar () Chello NL>]

I forgot to say that the input type should be password!!!!!! I just
tested it without the password type and then I had no problems loading
the page. So it should look like:

<INPUT Name="PasswordProvided" Value="1,000,000 X's hereSize="1000000"
MAXLENGTH="1000000">

I also noticed that the there is no -" - after the last X
(..XXXXSize="100.....) it was a type-O on my part but that html I loaded
and made my CPU go 100% untill I used task manager to kill IE

Please retry it with the example above,

Sorry about the mess up in the first post,

Philip Wagenaar

-----Original Message-----
From: Philip Wagenaar [mailto:PB.Wagenaar () Chello NL] 
Sent: vrijdag 16 november 2001 2:58
To: vuln-dev () securityfocus com
Subject: ie6 input overflow

Hello everyone!

I made a simple html file with an input with field and defined 

value="1,000,000 x's here"
size="1000000"
maxlength="1000000"

and loaded it up in ie6.... my CPU utilization went straight up to 100%
and after a few minuted the status bar had Not Responding in it and I
had to close the IE window down with the task manager..

I tested this on a PII 300mhz with 178 mb ram under WindowsXP
Professional with IE6 with the latest hotfixes...

Can anyone else reproduce this or is it just that my system is out dated
;-)

Philip Wagenaar