BugTraq
Back to list
|
Post reply
Re: Update: Web browsers - a mini-farce (MSIE gives in)
Oct 25 2004 03:00PM
gabrield89 hotmail com
(1 replies)
In-Reply-To: <20041023001154.F23256 (at) dekadens.coredump (dot) cx [email concealed]>
>
>Last but not least, MSIE gives in:
>
>> Only MSIE appears to be able to consistently handle [*] malformed
>> input well, suggesting this is the only program that underwent
>> rudimentary security QA testing with a similar fuzz utility.
>
>To all those who considered my original post to be a great propaganda
>ammunition for praising MSIE, bad news - although it did take a longer
>while for it to give up - three hours - (impressive by comparison to
>competitors), it eventually did:
>
> http://lcamtuf.coredump.cx/mangleme/gallery/ie_die1.html
>
>Tested on 6.0.2800.1106, dies in mshtml.dll. This is a NULL pointer
>dereference, so merely a DoS condition, but still an evident flaw in
>basic HTML parsing.
>
Testing on Windows 98 running IE 6.0.2800.1106. Nothing happens. IE does not crash. Can anyone else confirm this?
[ reply ]
Re: Update: Web browsers - a mini-farce (MSIE gives in)
Oct 27 2004 06:09PM
MCMuir dstoutput com
Privacy Statement
Copyright 2010, SecurityFocus
>
>Last but not least, MSIE gives in:
>
>> Only MSIE appears to be able to consistently handle [*] malformed
>> input well, suggesting this is the only program that underwent
>> rudimentary security QA testing with a similar fuzz utility.
>
>To all those who considered my original post to be a great propaganda
>ammunition for praising MSIE, bad news - although it did take a longer
>while for it to give up - three hours - (impressive by comparison to
>competitors), it eventually did:
>
> http://lcamtuf.coredump.cx/mangleme/gallery/ie_die1.html
>
>Tested on 6.0.2800.1106, dies in mshtml.dll. This is a NULL pointer
>dereference, so merely a DoS condition, but still an evident flaw in
>basic HTML parsing.
>
Testing on Windows 98 running IE 6.0.2800.1106. Nothing happens. IE does not crash. Can anyone else confirm this?
[ reply ]