Vulnerability

    IE

Affected

    IE 4.x

Description

    "No  Strezzz  Cazzz"  found  following.   It  is possible to crash
    Internet Explorer 4.x by simply feeding it this link:

        ftp://:

    All open Internet Explorer/Explorer windows will close down and it
    will  reset   your  "Active   Desktop".    Opening  ftp://:   from
    applications like RealPlayer or  Windows Media Player will  result
    in the DoS on them aswell.

    Our friend, Dr. Watson, had this to say:

        An appication error has occured and an application error log is being generated.

        explorer.exe [or Internet Explorer, depends on where you open it]
        Exception: access violation (0xc0000005), Address: 0x7020dd84

    And Event Viewer told us:

        The shell stopped unexpectedly and explorer.exe was restarted.

    A funny  side-effect is  that if  you minimize  your ICQ (probably
    works on some other applications  aswell) after the crash it  will
    completely dissapear  (hm, I  noticed this  with win2000  whenever
    explorer.exe goes down).  It's not on your screen anymore and  you
    won't find it iin Task Manager/Applications either, yet its  still
    active!  It showed up in  Task Manager/Processes.  You can get  it
    back by simply restarting ICQ,  you'll get a message that  "ICQ is
    already running" and then it'll show up again.

    You can trigger it remote by using the infamous ICQ  Greeting-card
    vulnerability.   Put the  following line  in the  body of your ICQ
    Greeting-card:

        <meta http-equiv="REFRESH" content="3; URL=ftp://:">

    This advisory is the result of the "[bug]: Cause IE 5.X to  crash"
    message by Elie Aka Lupin Bursztein:

        http://oliver.efri.hr/~crv/security/bugs/NT/ie113.html

Solution

    Upgrade to IE5.X or 6.