[25803] in bugtraq
IE 5.-6 CSS parsing error
daemon@ATHENA.MIT.EDU (Dmitry Leonov)
Sat Jun 15 12:32:52 2002
Date: Sat, 15 Jun 2002 15:46:40 +0400
From: Dmitry Leonov <dl@bugtraq.ru>
Reply-To: Dmitry Leonov <dl@bugtraq.ru>
Message-ID: <18110057451.20020615154640@bugtraq.ru>
To: bugtraq@securityfocus.com
In-Reply-To: <Pine.GSO.4.21.0206141513130.22064-100000@coltrane>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-MDaemon-Deliver-To: bugtraq@securityfocus.com
Hello,
Two days ago I received a report from Oleg A. Cheremisin regarding
a CSS parsing problem in Internet Explorer.
Internet Explorer (versions 5, 5.5/Windows'98 and 6.0/XP have been
tested), as well as software which uses the IE engine for displaying
HTML pages (like Outlook Express), crashes while trying to parse a
CSS table (internal or external) with the element
p{cssText: font-weight: bold;}
Perhaps it was supposed that the property cssText can be used only in
scripts. It seems that there is no buffer overflow, but this
vulnerability can still be used for DoS attacks.
Description:
http://www.bugtraq.ru/rsn/archive/2002/06/22.html
Demonstration:
http://www.bugtraq.ru/rsn/archive/2002/06/.keep/.msiecrash.html
--
Yours sincerely, mailto:dl@bugtraq.ru
Dmitry Leonov http://www.bugtraq.ru
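
A defensive check for the condition reported in this message, as an added example that is not part of the original post: a Python filter, of the kind a mail or web gateway could run, that flags stylesheets declaring `cssText` as a property. The function names, the constructed sample page and the case-insensitive match on the property name are assumptions.

```python
import re
from html.parser import HTMLParser

SUSPECT_PROPERTY = "csstext"  # compared case-insensitively (assumption)

class StyleCollector(HTMLParser):
    """Collects the text of internal <style> blocks; scripts are ignored."""
    def __init__(self):
        super().__init__()
        self.in_style = False
        self.sheets = []

    def handle_starttag(self, tag, attrs):
        if tag == "style":
            self.in_style = True
            self.sheets.append("")

    def handle_endtag(self, tag):
        if tag == "style":
            self.in_style = False

    def handle_data(self, data):
        if self.in_style:
            self.sheets[-1] += data

def suspect_rules(css):
    """Return the selectors of rules that declare cssText as a CSS property.
    Works on the text of an external sheet or of one <style> block."""
    css = css.replace("<!--", "").replace("-->", "")   # legacy comment wrappers
    css = re.sub(r"/\*.*?\*/", "", css, flags=re.S)    # CSS comments
    hits = []
    for selector, body in re.findall(r"([^{}]+)\{([^{}]*)\}", css):
        for decl in body.split(";"):
            prop = decl.split(":", 1)[0].strip().lower()
            if prop == SUSPECT_PROPERTY:
                hits.append(selector.strip())
    return hits

def scan_html(html):
    """Return suspect selectors found in all internal style sheets of a page."""
    collector = StyleCollector()
    collector.feed(html)
    collector.close()
    return [sel for sheet in collector.sheets for sel in suspect_rules(sheet)]

# Constructed sample page: one rule as quoted in the post, one commented out.
SAMPLE_HTML = """<html><head><style type="text/css"><!--
h1 { color: navy; }
p{cssText: font-weight: bold;}
--></style><style>/* p{cssText: x} */ td { font-weight: bold; }</style>
<script>el.style.cssText = "color: red";</script></head><body></body></html>"""
```

A non-empty result from `scan_html` or `suspect_rules` marks content to quarantine or strip before it reaches an affected client; script use of `cssText` is deliberately not flagged.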