BugTraq
Back to list
|
Post reply
Microsoft IE iframe src DoS already reported to Microsoft
Apr 08 2004 05:46PM
'ken'@FTU (ken ftusecurity com)
(1 replies)
Security Professionals,
On Wednesday, April 7, 2004, Emmanouel Kellinis reported to Bugtraq that
the following HTML tag would cause IE to crash:
<iframe src="?">
Please see post:
http://www.securityfocus.com/archive/1/359767/2004-04-05/2004-04-11/0
I discovered this bug in January 2004 and reported it to Microsoft on
January 28, 2004.
After working with Microsoft, I decided to wait until the bug was fixed
before announcing it. In my opinion, this is part of responsible
disclosure.
I hope Microsoft will publicly reply to this post and confirm that I was
the individual who originally reported the bug to them.
'ken'@FTU
--
====================================
http://www.ftusecurity.com
Serving Straight HTML Since '02
====================================
[ reply ]
Re: Microsoft IE iframe src DoS already reported to Microsoft
Apr 08 2004 07:45PM
Valdis Kletnieks vt edu
Privacy Statement
Copyright 2010, SecurityFocus
On Wednesday, April 7, 2004, Emmanouel Kellinis reported to Bugtraq that
the following HTML tag would cause IE to crash:
<iframe src="?">
Please see post:
http://www.securityfocus.com/archive/1/359767/2004-04-05/2004-04-11/0
I discovered this bug in January 2004 and reported it to Microsoft on
January 28, 2004.
After working with Microsoft, I decided to wait until the bug was fixed
before announcing it. In my opinion, this is part of responsible
disclosure.
I hope Microsoft will publicly reply to this post and confirm that I was
the individual who originally reported the bug to them.
'ken'@FTU
--
====================================
http://www.ftusecurity.com
Serving Straight HTML Since '02
====================================
[ reply ]