Original message : >Hola: >Well, as it seems that is the Microsoft Crash mounth, let see another one: >--------------------------------- ><html> ><form> ><input type crash> ></form> ></html> >--------------------------------- >This will crash IE with the following error: >"Unhandled exception in iexplore.exe (SHLWAPI.DLL): 0xC0000005: Access >Violation" >It's a null pointer overwrite, so it's not easly exploitable... >This HTML also crash Outlook, Frontpage, and all the Microsoft programs that >use the shlwapi.dll library to render web code. >Plain HTML is a dangerous language :) Added : It also seems to crash explorer.exe when the .html file containing the code is copied into any folder !! It may work since windows is trying to create a view in Windows explorer. Indeed, it doesn't work when the file is copied in the desktop. Tested on Windows XP with Office XP.
This archive was generated by hypermail 2b30 : Tue Apr 22 2003 - 14:34:50 PDT