Zeno, WinXP Professional w/updates to date on IE 6.0.2600.0000.xpclient.010817-1148 with update Q312461 Took a little time (about 3 minutes) to render the output, but there was no crash, and it did complete. Output first line was: Hi(image that never loaded) o¹¹¹ºÖÕÖ×ØÙÚÛÖÉ˶§ÞÓßâãäåéâäàåçê=}o¹¹¹ºÖÕÖ×ØÙÚÛÖÉ˶§ÞÓßâãäåéâäàåçê=}o¹¹¹ ºÖÕÖ×ØÙÚÛÖÉ˶§ÞÓßâãäåéâäàåçê=} And the stuff after the image repeated for a while. My machine is a PII Xeon 400 w/1024K Cache-Lot SL34J with 256MB Physical RAM. -Colby -----Original Message----- From: zeno [mailto:bugtraqat_private] Sent: Wednesday, December 05, 2001 8:58 AM To: zeno Cc: incidentsat_private; bugtraqat_private; vuln-devat_private Subject: Re: IE Denial of service (sorta) I've had alot of people email me. So far crashed the following versions below. Can anyone confirm that anything below won't crash? Win 98 IE 6.0 Win ME IE 6.0(all patches as of yeserday) IE 6.0 on win xp crashed nt 4.0 and ie 5.5 sp6a IE5.5 sp2 and NT4 sp6a P3 733 w/128MB RAM It seems to be memory based. Systems with above 256 meg of ram don't seem to crash. I contacted microsoft no word back yet. - zeno > > > Hey > > I found this months ago and though it was patched but it managed to cause new errors > on win me with all updates on IE in kernel. On default win2k IE install it sucks up 100 percent cpu > for half on hour(128 meg of ram). > > Please click on it and tell me what happens to you. > (include version and patch info) > > Its a image tag with some garbage characters in a particular order. > I haven't bothered contacting microsoft yet because I'm not sure just how common a problem > this is, and with what patches installed. > > www.cgisecurity.com/crash.shtml > also try /crash2.shtml > > -zenomorph > >
This archive was generated by hypermail 2b30 : Thu Dec 06 2001 - 11:39:24 PST