|
|
|
|
|
|
|
|
|
|
|
|
| home | help | back | first | fref | pref | prev | next | nref | lref | last | post |
Date: 25 Oct 2004 15:00:44 -0000 Message-ID: <20041025150044.21995.qmail@www.securityfocus.com> Content-Type: text/plain Content-Disposition: inline Content-Transfer-Encoding: binary MIME-Version: 1.0 From: <gabrield89@hotmail.com> To: bugtraq@securityfocus.com In-Reply-To: <20041023001154.F23256@dekadens.coredump.cx> > >Last but not least, MSIE gives in: > >> Only MSIE appears to be able to consistently handle [*] malformed >> input well, suggesting this is the only program that underwent >> rudimentary security QA testing with a similar fuzz utility. > >To all those who considered my original post to be a great propaganda >ammunition for praising MSIE, bad news - although it did take a longer >while for it to give up - three hours - (impressive by comparison to >competitors), it eventually did: > > http://lcamtuf.coredump.cx/mangleme/gallery/ie_die1.html > >Tested on 6.0.2800.1106, dies in mshtml.dll. This is a NULL pointer >dereference, so merely a DoS condition, but still an evident flaw in >basic HTML parsing. > Testing on Windows 98 running IE 6.0.2800.1106. Nothing happens. IE does not crash. Can anyone else confirm this?
|
|
|
|
|
|
|
|
|
|
|
|
| home | help | back | first | fref | pref | prev | next | nref | lref | last | post |