[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Crash IE with 11 bytes ;)

To: full-disclosure@xxxxxxxxxxxxxxxx
Subject: Re: [Full-Disclosure] Crash IE with 11 bytes ;)
From: "Willem Koenings" <isec@xxxxxxxxxx>
Date: Sat, 24 Jul 2004 12:28:00 -0500

hi,
 
> I thought you guys might want to know that it only takes 11 bytes to crash 
> IE 5.x , 6.x SP1. CSS memory corruption vulnerability. All you need to do 
> is <style>;@/* ;) simple as that. More details@ 
> http://www.ecqurity.com/adv/IEstyle.html

IE 5.01 SP2 seems to be immune. tested at least 10 times :)

willem.


-- 
___________________________________________________________
Sign-up for Ads Free at Mail.com
http://promo.mail.com/adsfreejump.htm

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Prev by Date: Re: FW: [Full-Disclosure] Question for DNS pros
Next by Date: Re: [Full-Disclosure] Crash IE with 11 bytes ;)
Previous by thread: RE: [Full-Disclosure] Crash IE with 11 bytes ;)
Next by thread: Re: [Full-Disclosure] Crash IE with 11 bytes ;)
Index(es):
- Date
- Thread