| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: s.lorentsen at box-smart.net (Simon Lorentsen) Subject: Revisited Internet Explorer 6 DoS Bug Peter, Just out of curiosity I tried it, nothing, not a bean, however I am open to the other bug. Sincerely yours, Simon Lorentsen -----Original Message----- From: full-disclosure-admin@...ts.netsys.com [mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of Peter Kruse Sent: 08 July 2003 20:12 To: full-disclosure@...ts.netsys.com Subject: [Full-Disclosure] Revisited Internet Explorer 6 DoS Bug Hi all, The problem is surely related to the serial communication ports. It can also, besides from the AUX call, be reproduced with a file:///c:/com1 or file:///c:/com2 and so on ;-) It?s possible to remotely DoS a browser this way. I?ve recieved several reports, that this issue affects many other browsers, and can cause Mcirosoft Windows to completely crash. I have put up a new testpage using a simple: <img src=file:///c:/com1> at: http://www.krusesecurity.dk/com1_dos.htm [Don?t go there unless you really want to!] This attack can also be conducted with HTML based e-mails. Med venlig hilsen // Kind regards Peter Kruse Kruse Security http://www.krusesecurity.dk _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 2419 bytes Desc: not available Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20030708/389a132d/smime.bin
Powered by blists - more mailing lists