| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue Nov 1 17:01:31 2005 From: ad at class101.org (ad@...ss101.org) Subject: new IE bug (confirmed on ALL windows) I think I have found by chance this weekend a security bug,while browsing the website news, within iexplorer on all windows versions. I haven't enough knowledge (and don't want) into web browsers security to conduct a full investigation, at least, I took the source of the webpage and with a simple split method on the html code, it's now reduce to some line of html code and a .css file to trigger the bug. And by the way the crash looks like to happen each time now instead of sometimes while browsing the affected website. http://class101.org/IEcrash.htm (ONLINE test) http://class101.org/IEcrash.rar (OFFLINE package) my tests(updated to 01 Nov. 2005): Windows NT4 Workstation SP6a ENGLISH 32-bit (IE32-6.0.2800.1106) -CRASH- Windows NT4 Server SP6a ENGLISH 32-bit (IE32-6.0.2800.1106) -CRASH- Windows 2k Workstation SP4 ENGLISH 32-bit (IE32-6.0.2800.1106) -CRASH- Windows 2k Server SP4 ENGLISH 32-bit (IE32-6.0.2800.1106) -CRASH- Windows XP Professional SP1 ENGLISH 64-bit (IE32-6.0.3790.1830) -CRASH- Windows XP Professional SP1 ENGLISH 64-bit (IE64-6.0.3790.1830) -CRASH- Windows XP Professional SP2 ENGLISH 32-bit (IE32-6.0.2900.2180) -CRASH- Windows XP Professional SP1 ENGLISH 32-bit (IE32-6.0.2900.1106) -CRASH- Windows 2k3 Server Std SP1 ENGLISH 32-bit (IE32-6.0.3790.1830) -CRASH- (silently exiting, no crash box...) -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20051101/5991b77f/attachment.html
Powered by blists - more mailing lists