[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Crash IE with 11 bytes ;)

I've been testing this under W2K with Moz. 1.6 and there is no sign of DoS. Mozilla handles this the usual way, this is what the source look like when you view it :

<STYLE></style>@;/*

The page just displays @;/* and the browser doesn't seem affected.

-----
Matt.

Phuong Nguyen wrote:
Stephen,

I believe that is something new right there. So the <style>;@/* partially DoS Mozilla too? Were you able to reproduce the situation? or it just happened once? As far as I know, it doesn't have any effect on Firefox on XP SP2 though. I wonder if anyone here experiences the same thing about Mozilla?

Phuong

At 02:50 AM 7/24/2004, Stephen Taylor wrote:

I don't understand the effect it has on Mozilla. It certainly crashed my IE
but for Mozilla, the URL window displayed a diamond shape with a red "X"
through it. Mozilla was unresponsive afterwards. I had to close the window
to recover. I am a W2K user at work.
ST

-----Original Message-----
From: full-disclosure-admin@xxxxxxxxxxxxxxxx
[mailto:full-disclosure-admin@xxxxxxxxxxxxxxxx]On Behalf Of Phuong
Nguyen
Sent: Friday, July 23, 2004 1:49 PM
To: Marcel Krause
Cc: full-disclosure@xxxxxxxxxxxxxxxx
Subject: Re: [Full-Disclosure] Crash IE with 11 bytes ;)


Oh, I actually didn't know about that! Coolio ;) !!

Phuong

At 12:47 AM 7/24/2004, Marcel Krause wrote:
>Hi!
>
>There is a similar Bug using about:<input%20type%20crash> .
>Well i think that's old news to you :)
>
>Yours, Marcel



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html