検索:
ホーム   »     »   Microsoft IE 5 and 6 Remote Denial of Service (DoS) using IMG and XML elements

Microsoft IE 5 and 6 Remote Denial of Service (DoS) using IMG and XML elements

  • 投稿日:2006年1月18日
  • 脅威カテゴリ:未分類
  • 執筆:ウイルス解析担当者
0

A new Internet Explorer vulnerability has been found by Inge Henriksen that causes Remote Denial of Service (DoS). This can lead to crashing the affected browser while visiting web sites that have the ‘bad’ HTML code.


The exploit is triggered by bad HTML data combined with a bad XML block…


The source of the bug is basically a null pointer dereference, according to Inge. So, remote code execution is not possible. Moreover, the bug can be triggered just by inserting a one-liner HTML code in any HTML page.


I have tested the bug on MS Windows XP Professional with Service Pack 2 and IE 6.0.2900.2180 and here is what I’ve got.


Click to Enlarge


Other systems that are vulnerable are listed below.



  • Microsoft Windows Server 2003 with IE 6.0.2790.0
  • Microsoft Windows 2000 Advanced Server 5.00.2195 with Service Pack 4 and IE 5.00.3700.1000

This vulnerability has been known by Microsoft since December 30, 2005 but there is no fix yet until this moment.

No related posts.



  • 個人のお客さま向けオンラインショップ
  • |
  • 法人のお客さま向け直営ストア
  • |
  • 販売パートナー検索
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • 電子公告
  • ご利用条件
  • プライバシーポリシー
  • Copyright © 2021 Trend Micro Incorporated. All rights reserved.