Microsoft Internet Explorer Frameset Denial of Service Vulnerability

Discussion in 'Computer Security' started by imhotep, Jun 7, 2006.

  1. imhotep

    imhotep Guest

    Microsoft Internet Explorer Frameset Denial of Service Vulnerability

    "Microsoft Internet Explorer is affected by a denial-of-service
    vulnerability. This issue arises because the application fails to handle
    exceptional conditions in a proper manner.

    An attacker may exploit this issue by enticing a user to visit a malicious
    site and then to click anywhere on the page. This results in a
    denial-of-service condition in the application.

    Internet Explorer version 6 is vulnerable to this issue; earlier versions
    may also be affected."

    http://www.securityfocus.com/bid/18277/discuss

    -- Imhotep
     
    imhotep, Jun 7, 2006
    #1
    1. Advertising

  2. Sebastian Gottschalk, Jun 7, 2006
    #2
    1. Advertising

  3. imhotep

    imhotep Guest

    Sebastian Gottschalk wrote:

    > imhotep wrote:
    >
    >> http://www.securityfocus.com/bid/18277/discuss

    >
    > Frame-set where a frame tries to resize itself crashes IE.
    >
    > [X] Tell news.



    ....wait a month and it will be a buffer overun vulnerability!

    Im
     
    imhotep, Jun 7, 2006
    #3
  4. imhotep wrote:

    >> Frame-set where a frame tries to resize itself crashes IE.
    >>
    >> [X] Tell news.

    >
    > ....wait a month and it will be a buffer overun vulnerability!


    Pretty unlikely that this could turn out as such.
     
    Sebastian Gottschalk, Jun 7, 2006
    #4
  5. imhotep

    imhotep Guest

    Sebastian Gottschalk wrote:

    > imhotep wrote:
    >
    >>> Frame-set where a frame tries to resize itself crashes IE.
    >>>
    >>> [X] Tell news.

    >>
    >> ....wait a month and it will be a buffer overun vulnerability!

    >
    > Pretty unlikely that this could turn out as such.


    ....and why do you say this?


    -- Imhotep
     
    imhotep, Jun 7, 2006
    #5
  6. imhotep wrote:
    > Sebastian Gottschalk wrote:
    >
    >> imhotep wrote:
    >>
    >>>> Frame-set where a frame tries to resize itself crashes IE.
    >>>>
    >>>> [X] Tell news.
    >>> ....wait a month and it will be a buffer overun vulnerability!

    >> Pretty unlikely that this could turn out as such.

    >
    > ....and why do you say this?


    Would you please take a close look on the exploit? And maybe at the
    relevant part of the source code? It's a simple assertation error.
     
    Sebastian Gottschalk, Jun 7, 2006
    #6
  7. imhotep

    imhotep Guest

    Sebastian Gottschalk wrote:

    > imhotep wrote:
    >> Sebastian Gottschalk wrote:
    >>
    >>> imhotep wrote:
    >>>
    >>>>> Frame-set where a frame tries to resize itself crashes IE.
    >>>>>
    >>>>> [X] Tell news.
    >>>> ....wait a month and it will be a buffer overun vulnerability!
    >>> Pretty unlikely that this could turn out as such.

    >>
    >> ....and why do you say this?

    >
    > Would you please take a close look on the exploit? And maybe at the
    > relevant part of the source code? It's a simple assertation error.


    ....I don't doubt it. I am saying what else can be done with it? Put on
    your ""creative hat"....most coding errors can be expolited...

    Im
     
    imhotep, Jun 7, 2006
    #7
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Imhotep
    Replies:
    16
    Views:
    1,173
    Imhotep
    Jun 3, 2006
  2. imhotep
    Replies:
    0
    Views:
    466
    imhotep
    Jun 9, 2006
  3. imhotep
    Replies:
    2
    Views:
    986
    Founder
    Jul 6, 2006
  4. Au79
    Replies:
    0
    Views:
    417
  5. Au79
    Replies:
    0
    Views:
    521
Loading...

Share This Page