[NT] IE CSS Parsing Error (cssText)
From: support@securiteam.comDate: 06/17/02
- Previous message: support@securiteam.com: "[UNIX] Remote Compromise Vulnerability in Apache HTTP Server (Chunked Encoding)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: support@securiteam.com To: list@securiteam.com Date: Mon, 17 Jun 2002 21:44:36 +0200 (CEST)
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion
When was the last time you checked your server's security?
How about a monthly report?
http://www.AutomatedScanning.com - Know that you're safe.
- - - - - - - - -
IE CSS Parsing Error (cssText)
------------------------------------------------------------------------
SUMMARY
A security vulnerability in Internet Explorer allows attackers to cause a
denial of service attack against the user's web browser (and programs that
use Internet Explorer to view web based content). The vulnerability occurs
whenever IE tries to parse a simple cascade style *** tag property.
DETAILS
Vulnerable systems:
* Internet Explorer version 5
* Internet Explorer version 5.5
* Internet Explorer version 6.0
* Outlook Express
Immune systems:
* Internet Explorer version 5.1.4 for MacOS X
Exploit:
Adding the following tag:
<style>p{cssText: font-we!ght: bold;}</style>
(Note, the letter 'i' has been replaced with an '!')
To any HTML page will cause the browser to instantly crash upon its
viewing.
Demonstration:
<http://www.bugtraq.ru/rsn/archive/2002/06/.keep/.msiecrash.html>
http://www.bugtraq.ru/rsn/archive/2002/06/.keep/.msiecrash.html
ADDITIONAL INFORMATION
The information has been provided by <mailto:dl@bugtraq.ru> Dmitry
Leonov, <mailto:patpro@patpro.net> patpro and Oleg A. Cheremisin.
========================================
This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com
====================
====================
DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.
- Previous message: support@securiteam.com: "[UNIX] Remote Compromise Vulnerability in Apache HTTP Server (Chunked Encoding)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
- [NT] Cumulative Security Update for Internet Explorer (MS06-021)
... The following security advisory is sent to the securiteam mailing list, and can be found at
the SecuriTeam web site: http://www.securiteam.com ... Get your security news from
a reliable source. ... Improper memory and user input handling with Internet Explorer allows
... A remote code execution vulnerability exists in the way Internet Explorer ...
(Securiteam) - [NT] Cumulative Security Update for Internet Explorer (MS06-013)
... The following security advisory is sent to the securiteam mailing list, and can be found at
the SecuriTeam web site: http://www.securiteam.com ... Get your security news from
a reliable source. ... Microsoft Internet Explorer allow attackers to execute arbitrary
code, ... A remote code execution vulnerability exists in the way Internet Explorer ...
(Securiteam) - [NT] Cumulative Security Update for Internet Explorer (MS05-038)
... The following security advisory is sent to the securiteam mailing list, and can be found at
the SecuriTeam web site: http://www.securiteam.com ... Get your security news from
a reliable source. ... A buffer overflow vulnerability within Internet Explorer
allows attackers ... (Securiteam) - SecurityFocus Microsoft Newsletter #165
... Tenable Security ... distribute, manage, and communicate vulnerability
and intrusion detection ... Microsoft Internet Explorer MHTML Forced File Execution Vuln...
... (Focus-Microsoft) - [NT] Cumulative Security Update For Internet Explorer (MS04-004)
... The following security advisory is sent to the securiteam mailing list, and can be found at
the SecuriTeam web site: http://www.securiteam.com ... Get your security news from
a reliable source. ... previously-released updates for Internet Explorer 5.01, ...
vulnerability could result in the execution of a script in the Local ... (Securiteam)
