TUCoPS :: Browsers :: v7-1579.htm

Internet Explorer AJAX Bug
Internet Explorer AJAX Bug
Internet Explorer AJAX Bug


Summary:
Internet Explorer 6.0 and below hangs when entering prepared page

Details:
When using AJAX (Asynchronous JavaScript and XML) to load page content dynamicly we are allowed to do anything on the side of server. Internet Explorer process hangs when Content-type header is sent within.

Vulnerable Versions:
Internet Explorer 6.0 and below, tested on Windows XP, 2000 and 2003.

Patches/Workarounds:
Unknown.

Exploits:
Execute the following PHP script in IE to cause it's process to die.

"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd"> 
xmlns="http://www.w3.org/1999/xhtml" xml:lang="pl" lang="pl"> 

  
  






Discovered by
Łukasz Lach
anakin[at]php5[dot]pl

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH