Free Republic
Browse · Search
General/Chat
Topics · Post Article

Skip to comments.

Quick-n-easy way to crash IE, WE, Outlook, OE, FrontPage
E-mail

Posted on 05/05/2003 8:02:36 AM PDT by Constitutionalist Conservative

Excerpt from e-mail I received today. Check the link -- it did in fact crash IE when I tried it. Dunno how well-known this is.


I'm writing this to you with my Mozilla browser, because IE just
crashed on the exploit of the bug at
<http://vibrantlogic.com/new.html> whose entire page source is these
five lines:

      <html>
      <form>
      <input type crash>
      </form>
      </html>

Details follow.

-~^~-
"Description:
A vulnerability identified in a library included in Windows XP and
Internet Explorer version 4.0 and newer can be exploited to cause a
DoS (Denial of Service) on certain applications.

The vulnerability is caused due to a NULL pointer dereference bug in
Microsoft Shell Light-Weight Utility Library ("shlwapi.dll"). A
malicious person can exploit the vulnerability by constructing a
special HTML document, which will crash applications using the
vulnerable library.

Reportedly, the vulnerability can be exploited to crash all of the
following applications:
- Windows Explorer
- Internet Explorer
- Outlook
- Outlook Express
- Frontpage

Solution:
There is no immediate solution available.

If this is regarded as a serious risk, then don't view untrusted HTML
documents. Use another browser that isn't linked to the vulnerable
library when surfing the Internet.


TOPICS: Computers/Internet
KEYWORDS: browser; bug

1 posted on 05/05/2003 8:02:37 AM PDT by Constitutionalist Conservative
[ Post Reply | Private Reply | View Replies]

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
General/Chat
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson