I think I found a Security vulnerability in IE 6.0
- From: "flatliner60" <flatliner60@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Mon, 13 Jun 2005 20:15:01 -0700
Not a very major issue, but a malicous user has the ability to crash Internet
Explorer 6.0 on an unsuspecting user's computer., not sure to the extent of
what browser versions this affects, as I have only tested IE 6.0. The issue
occurs when the offending page contains an IFRAME and the following
Javascript code is run in:
document.all['myIFrame'].src = "javascript:;";
window.top.close();
In my situation the code was run from a modal dialog so there was no
security warning about the close. My assumption is that the Iframe is in a
vulnerable state when the close() function is called, causing a memory
leak/protection fault of some kind.. just my guess..
Regards,
Andrew
.
- Follow-Ups:
- Re: I think I found a Security vulnerability in IE 6.0
- From: Michael
- Re: I think I found a Security vulnerability in IE 6.0
- Prev by Date: Re: IE Shortcuts
- Next by Date: Re: I think I found a Security vulnerability in IE 6.0
- Previous by thread: Re: how do i retrieve my MSN email in outlook express
- Next by thread: Re: I think I found a Security vulnerability in IE 6.0
- Index(es):
Relevant Pages
|
