IE Shines On Broken Code
mschaef writes "While reading Larry Osterman'a blog (He's a long time Microsoftie, having worked on products dating back to DOS 4.0), I ran across this BugTraq entry on web browser security. Basically, the story is that Michael Zalewski started feeding randomly malformed HTML into Microsoft Internet Explorer, Mozilla, Opera, Lynx, and Links and watching what happened. Bottom line: 'All browsers but Microsoft Internet Explorer kept crashing on a regular basis due to NULL pointer references, memory corruption, buffer overflows, sometimes memory exhaustion; taking several minutes on average to encounter a tag they couldn't parse.' If you want to try this at home, he's also provided the tools he used in the BugTraq entry."
i find it fun that lots of people are putting firefox through all these tests and not having problems.. whereas, no matter what I do in Firefox, it crashes.
every single click to load another page. Boom! Seg fault!
"Champagne for my real friends - and real pain for my sham friends!" http://ericblade.postalboard.com/
You're an idiot and jeopardizing the security of your enterprise users just by being in a position to make a decision. I feel really bad for the CEO/CIO if he has to take legal sign-off for Sabanes-Oxley or anything else with jackasses like you in the field. Of course, it's his fault he hired you in the first place.