[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <000601c34584$c2787660$0202a8c0@teliahomebase>
From: kruse at krusesecurity.dk (Peter Kruse)
Subject: Revisited Internet Explorer 6 DoS Bug
Hi all,
The problem is surely related to the serial communication ports. It can
also, besides from the AUX call, be reproduced with a file:///c:/com1 or
file:///c:/com2 and so on ;-)
It?s possible to remotely DoS a browser this way. I?ve recieved several
reports, that this issue affects many other browsers, and can cause
Mcirosoft Windows to completely crash.
I have put up a new testpage using a simple: <img src=file:///c:/com1>
at:
http://www.krusesecurity.dk/com1_dos.htm
[Don?t go there unless you really want to!]
This attack can also be conducted with HTML based e-mails.
Med venlig hilsen // Kind regards
Peter Kruse
Kruse Security
http://www.krusesecurity.dk
Powered by blists - more mailing lists