Microsoft Shlwapi.dll 6.0.2800.1106 Malformed HTML Form Tag DoS Vulnerability

2003-04-22T00:00:00
ID EDB-ID:22518
Type exploitdb
Reporter Ramon Pinuaga Cascales
Modified 2003-04-22T00:00:00

Description

Microsoft Shlwapi.dll 6.0.2800 .1106 Malformed HTML Form Tag DOS Vulnerability. Dos exploit for windows platform

                                        
                                            source: http://www.securityfocus.com/bid/7402/info

The 'shlwapi.dll' dynamic link library causes a calling application to fail when it attempts to render certain malformed HTML tags. This appears to be due to an attempt to perform a string comparison where one of the strings is a null pointer. It has been reported that this vulnerability could not be exploited to cause code execution. 

<html>
<form>
<input type crash>
</form>
</html>