Saturday, May 03, 2003

Security: Crash IE with 5 lines of HTML

A new IE exploit was found that crashes almost any version of Internet Explorer past 4.0 with just 5 lines of plain HTML code (no JavaScript, ActiveX, etc.).
Reportedly, the vulnerability can be exploited to crash the following applications:
- Windows Explorer
- Internet Explorer
- Outlook
- Outlook Express
- Frontpage

Here is the 5 lines of HTML thats required:


<html>
<form>
<input type crash>
</form>
</html>

No comments: