Hello,
Two days ago I received report from Oleg A. Cheremisin regarding
CSS parsing problem in Internet Explorer.
Internet Explorer (versions 5,5.5/Windows'98 and 6.0/XP have been
tested) as well as software which uses IE engine for html pages
displaying (like Outlook Express) crashes while trying to parse
CSS table (internal or external) with element p{cssText: font-weight:
bold;}
Perhaps it was supposed that property cssText can be used only in
scripts. It seems that there is no buffer overflow, but this
vulnerability still can be used for DoS attacks.
Description:
http://www.bugtraq.ru/rsn/archive/2002/06/22.html
Demonstration:
http://www.bugtraq.ru/rsn/archive/2002/06/.keep/.msiecrash.html
--
Yours sincerely, mailto:dl@bugtraq.ru
Dmitry Leonov http://www.bugtraq.ru
