[Am-info] Microsoft Internet Explorer Self-Referential Object Denial of Service
Fred A. Miller
fm@cupserv.org
Mon, 29 Apr 2002 16:14:35 -0400
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Microsoft Internet Explorer Self-Referential Object Denial of Service=20
Vulnerability
BugTraq ID: 4564
Remote: Yes
Date Published: Apr 20 2002 12:00A
Relevant URL:
http://www.securityfocus.com/bid/4564
Summary:
Microsoft Internet Explorer 6 (perhaps other versions as well) is
vulnerable to a denial of service due to an error in handling certain
self-referential <OBJECT> definitions in HTML documents. This occurs whe=
n
an object of type "text/html" is specified, with the DATA field
referencing the name of the HTML document in which it is defined. There
may be other circumstances in which this sort of self-reference may lead
to a browser crash.
- --=20
Fred A. Miller
Systems Administrator
Cornell Univ. Press Services
fm@cupserv.org, www.cupserv.org
- --- SuSE Linux v8.0 Pro---
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iEYEARECAAYFAjzNqasACgkQB9vk4ichYXc3JACgmyV3fNpOzKzknjiAJxNyWA40
HAAAn362bjyzmsGox+2IAVJYYtrRSNgu
=3DbAIs
-----END PGP SIGNATURE-----