Microsoft IE CSS DoS

2003-10-22T07:44:47
ID OSVDB:8129
Type osvdb
Reporter Andreas Boeckler(abo@netlands.de)
Modified 2003-10-22T07:44:47

Description

Vulnerability Description

Micrsoft Internet Explorer contains a flaw that may allow a remote denial of service. The issue is triggered due to a unspecified error in 'mshtml.dll'. It is possible for a remote attacker to create a malicious web page that links to a CSS document with certain class descriptions for form elements, which may trigger a null dereference and causes the application to crash.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

Micrsoft Internet Explorer contains a flaw that may allow a remote denial of service. The issue is triggered due to a unspecified error in 'mshtml.dll'. It is possible for a remote attacker to create a malicious web page that links to a CSS document with certain class descriptions for form elements, which may trigger a null dereference and causes the application to crash.

References:

Vendor URL: http://www.microsoft.com/ Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2003-10/0216.html Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2003-10/0220.html