| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 5 Dec 2006 18:25:22 +0300 From: 3APA3A <3APA3A@...URITY.NNOV.RU> To: ajannhwt@...mail.com Cc: bugtraq@...urityfocus.com Subject: Re: MS Internet Explorer 6.0 (mshtml.dll) Denial of Service Exploit Dear ajannhwt@...mail.com, First, array index overflow is usually very dangerous and is exploitable to code execution in many cases. Second, this one is not new. It was reported by Michal Zalewski in March and is patched in current Internet Explorer versions: http://www.security.nnov.ru/Ldocument832.html Third, your 'examle' is very like Michal's one except he doesn't use 'lcamtuf'. http://lcamtuf.coredump.cx/iedie.html --Sunday, December 3, 2006, 10:27:03 PM, you wrote to bugtraq@...urityfocus.com: ahc> [[DOS]]]------------------------------------------------------ ahc> All Events, (onclick,oneror,onmouseover,onload etc.) ahc> Example: ahc> Save to .html file ahc> *(a)* ahc> <a href=x onclick=ajann onclick=ajann onclick=ajann ahc> onclick=ajann onclick=ajann onclick=ajann onclick=ajann -- ~/ZARAZA http://www.security.nnov.ru/
Powered by blists - more mailing lists