[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <4102A5A6.8050009@spymac.com>
From: trakz at spymac.com (Matt Houston)
Subject: Crash IE with 11 bytes ;)
I've been testing this under W2K with Moz. 1.6 and there is no sign of
DoS. Mozilla handles this the usual way, this is what the source look
like when you view it :
<STYLE></style>@;/*
The page just displays @;/* and the browser doesn't seem affected.
-----
Matt.
Phuong Nguyen wrote:
> Stephen,
>
> I believe that is something new right there. So the <style>;@/*
> partially DoS Mozilla too? Were you able to reproduce the situation? or
> it just happened once? As far as I know, it doesn't have any effect on
> Firefox on XP SP2 though. I wonder if anyone here experiences the same
> thing about Mozilla?
>
> Phuong
>
> At 02:50 AM 7/24/2004, Stephen Taylor wrote:
>
>> I don't understand the effect it has on Mozilla. It certainly crashed
>> my IE
>> but for Mozilla, the URL window displayed a diamond shape with a red "X"
>> through it. Mozilla was unresponsive afterwards. I had to close the
>> window
>> to recover. I am a W2K user at work.
>> ST
>>
>> -----Original Message-----
>> From: full-disclosure-admin@...ts.netsys.com
>> [mailto:full-disclosure-admin@...ts.netsys.com]On Behalf Of Phuong
>> Nguyen
>> Sent: Friday, July 23, 2004 1:49 PM
>> To: Marcel Krause
>> Cc: full-disclosure@...ts.netsys.com
>> Subject: Re: [Full-Disclosure] Crash IE with 11 bytes ;)
>>
>>
>> Oh, I actually didn't know about that! Coolio ;) !!
>>
>> Phuong
>>
>> At 12:47 AM 7/24/2004, Marcel Krause wrote:
>> >Hi!
>> >
>> >There is a similar Bug using about:<input%20type%20crash> .
>> >Well i think that's old news to you :)
>> >
>> >Yours, Marcel
>>
>>
>>
>> _______________________________________________
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.netsys.com/full-disclosure-charter.html
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>
Powered by blists - more mailing lists