Slashdot Mirror

← Back to Stories (view on slashdot.org)

Another MS Internet Explorer Security Hole

Posted by timothy on Wednesday November 3, 2004 @02:37AM from the ever-onward dept.

chkorn writes "Michal Zalewski detected another security issue in Microsoft's Internet Explorer. With a well formed FRAME or IFRAME tag a Buffer Overflow happens and you can execute bad code on the stack. In his announcement on Bugtraq, he added a proof of concept and explained that all Internet Explorer 6.0 versions are affected, except Windows XP SP2 installations."

1 of 18 comments (clear)

Min score:

Reason:

Sort:

implementation by alatesystems · 2004-11-03 02:48 · Score: 4, Informative

I tried it on an xp SP1 box and it just freezes it.

I tried it on Mozilla 1.7.3 and it freezes it for about a minute, and then unfreezes and shows a blank IFRAME.

If you want to try it w/o extracting and all that stuff, click here.

Chris