Microsoft Internet Explorer 3/4/5 / Netscape Communicator 4 - IMG Tag Denial of Service

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1053540 漏洞类型
发布时间 2001-06-19 更新时间 2001-06-19
CVE编号 N/A CNNVD-ID N/A
漏洞平台 Multiple CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/21041
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
source: http://www.securityfocus.com/bid/3122/info

An issue which affects users of multiple web browsers on Microsoft Windows platforms has been discovered.

Multiple malicious IMG tags may cause a denial of services to users who view webpages they are embedded into. Any medium which allows web users to embed a sufficient amount of HTML code that will be displayed to other users(forums, guestbooks, etc.) is a potential attack vehicle for a malicious user. Additionally, malicious webmasters may construct webpages which exploit this vulnerability.

The multiple malicious IMG tags will contain a unique 'mailto:' link, forcing the affected browser to open a corresponding number of e-mail compose windows. At the very least the browser will crash, but system resources may be exhausted enough to cause the entire machine to crash. 

Post 100+ IMG Tags, each with a unique 'mailto:' link.

<img src="mailto:johndoe1@example.com">
<img src="mailto:johndoe2@example.com">
etc.