|
|
| |
| Internet Explorer is Microsoft's core browser that is a part of any Windows operating system and is the dominant browser currently in the world. Internet Explorer is vulnerable to a DoS condition through the use of an invalid CSS tag. As a result of this invalid CSS tag the browser's memory image is corrupted causing it to crash. |
| |
Credit:
The information has been provided by Phuong Nguyen.
|
| |
Vulnerable Systems:
* Internet Explorer versions 5.x up to SP3 inclusive
* Internet Explorer versions up to 6.1 SP1 inclusive
Immune Systems:
* Internet Explorer version 5 SP4
The vulnerability allows a malicious web page to crash Internet Explorer by causing it to parse the CSS tag of the main page. A mere 11-byte HTML page is needed to exploit the denial of service condition. Any vulnerable version of Internet Explorer that parses the malicious page will get its memory image corrupted.
The vulnerability does not allow any code execution on the client browser or system and poses no other damage other than the crashing of the browser. Internet Explorer has more than one problem with Cascading Style-Sheets (CSS) but this one in particularly simple to exploit.
A page has to contain nothing but the following style tag in order to crash the vulnerable versions of IE:
<STYLE>@;/*
It is worth noting that other HTML tags in the page are not necessary and this alone is enough to trigger the vulnerability. Ecqurity has provided a sample page for convenience containing the malicious combination that could be used to test your version of IE. It can be found at http://www.ecqurity.com/adv/11.html.
|
|
|
|
|
