Vulnerability
IE
Affected
IE 4.x
Description
"No Strezzz Cazzz" found following. It is possible to crash
Internet Explorer 4.x by simply feeding it this link:
ftp://:
All open Internet Explorer/Explorer windows will close down and it
will reset your "Active Desktop". Opening ftp://: from
applications like RealPlayer or Windows Media Player will result
in the DoS on them aswell.
Our friend, Dr. Watson, had this to say:
An appication error has occured and an application error log is being generated.
explorer.exe [or Internet Explorer, depends on where you open it]
Exception: access violation (0xc0000005), Address: 0x7020dd84
And Event Viewer told us:
The shell stopped unexpectedly and explorer.exe was restarted.
A funny side-effect is that if you minimize your ICQ (probably
works on some other applications aswell) after the crash it will
completely dissapear (hm, I noticed this with win2000 whenever
explorer.exe goes down). It's not on your screen anymore and you
won't find it iin Task Manager/Applications either, yet its still
active! It showed up in Task Manager/Processes. You can get it
back by simply restarting ICQ, you'll get a message that "ICQ is
already running" and then it'll show up again.
You can trigger it remote by using the infamous ICQ Greeting-card
vulnerability. Put the following line in the body of your ICQ
Greeting-card:
<meta http-equiv="REFRESH" content="3; URL=ftp://:">
This advisory is the result of the "[bug]: Cause IE 5.X to crash"
message by Elie Aka Lupin Bursztein:
http://oliver.efri.hr/~crv/security/bugs/NT/ie113.html
Solution
Upgrade to IE5.X or 6.
Credits
-- UnKnown --
|