Microsoft Internet Explorer MHTML Denial of Service Vulnerability
BID:20875
Info
Microsoft Internet Explorer MHTML Denial of Service Vulnerability
| Bugtraq ID: | 20875 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Nov 02 2006 12:00AM |
| Updated: | Nov 02 2006 09:07PM |
| Credit: | Positive Technoligies is credited with the discovery of this vulnerability. |
| Vulnerable: |
Microsoft Internet Explorer 7.0 |
| Not Vulnerable: | |
Discussion
Microsoft Internet Explorer MHTML Denial of Service Vulnerability
Microsoft Internet Explorer is prone to a denial-of-service vulnerability. This issue occurs when Internet Explorer attempts to parse certain malformed HTML content.
Successfully exploiting this issue will cause the affected application to crash, denying service to legitimate users.
Internet Explorer 7 is vulnerable to this issue; other versions may also be affected.
Microsoft Internet Explorer is prone to a denial-of-service vulnerability. This issue occurs when Internet Explorer attempts to parse certain malformed HTML content.
Successfully exploiting this issue will cause the affected application to crash, denying service to legitimate users.
Internet Explorer 7 is vulnerable to this issue; other versions may also be affected.
Exploit / POC
Microsoft Internet Explorer MHTML Denial of Service Vulnerability
The following sample MHTML file is available that demonstrates crashing Internet Explorer:
The following sample MHTML file is available that demonstrates crashing Internet Explorer:
Solution / Fix
Microsoft Internet Explorer MHTML Denial of Service Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected]:[email protected].
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected]:[email protected].
References
Microsoft Internet Explorer MHTML Denial of Service Vulnerability
References:
References:
- Internet Explorer Homepage (Microsoft)