netscape.js.table.dos.txt

1999-08-17T00:00:00
ID PACKETSTORM:11813
Type packetstorm
Reporter Packet Storm
Modified 1999-08-17T00:00:00

Description

                                        
                                            `http://www.securiteam.com/exploits/Netscape_Communicator_Jav.html  
  
Article Title   
26/6/99  
Netscape Communicator JavaScript crash  
  
Article Summary   
Due to an HTML parsing problem, a simple html page containing JavaScript can crash the Netscape  
communicator browser.  
  
  
  
Article Details   
The following HTML code crashes Netscape:  
<table><td width="1"style=width:1><div style=width:1>1<script>document.write('<div  
style=width:1>')</script></table>  
  
Apparently this bug affects all platforms. The following Netscape versions were tested:  
  
- Netscape Communicator 4.08  
- Netscape Communicator 4.5  
- Netscape Communicator 4.51  
- Netscape Communicator 4.6  
- Netscape Communicator 4.61  
  
On the following platforms: Windows '95, Windows '98, Windows NT 4, Windows 2000 (professional and  
Server), MacOS, FreeBSD.  
  
Netscape 3.x versions are not affected by this bug.  
  
We have set up a test page for this vulnerability.  
CAUTION: Following this link might crash your browser!  
The test page can be found here: http://www.securiteam.com/exploits/Netscape_Crash_Test1.html.  
  
Since this bug is JavaScript related, disabling JavaScript will avoid the crash.  
  
  
  
Additional information   
This bug was found and reported by: Patrick Schroen Netscape was informed of this bug on June 23rd.   
`