blufive: (Default)
blufive ([personal profile] blufive) wrote2003-05-03 01:12 pm
  • Add Memory
  • Share This Entry

Now THAT is a bug

As the geeks on slashdot are gleefully discussing someone has found a ludicrously simple way to construct a malicious HTML page, or even link, which crashes Internet Explorer.
Flat | Top-Level Comments Only

[identity profile] pickledginger.livejournal.com 2003-05-04 10:36 am (UTC)(link)
That *does* sound like fun. Though I'll have to check the link another time, when I've a non-MS browser to hand.

[identity profile] blufive.livejournal.com 2003-05-05 02:53 am (UTC)(link)
Here we go:

<html><form><input type></form></html>

There are even shorter variants, and it doesn't just kill IE, it kills anything using the MS HTML libraries (Outlook, Outlook Express, Windows Explorer, and no doubt a few more too)

[identity profile] pickledginger.livejournal.com 2003-05-05 09:09 pm (UTC)(link)
That's it??
Wow.
O, IE of little troubleshooting!

[identity profile] karmicnull.livejournal.com 2003-05-04 03:22 pm (UTC)(link)
Tried it. It works. It turns out to be just one line. Smart!
Flat | Top-Level Comments Only