Toufeeq Hussain Reporter
	Description • 19 years ago

User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.8b5) Gecko/20051021 Flock/0.4 Firefox/1.0+
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.8b5) Gecko/20051021 Flock/0.4 Firefox/1.0+

In the above link, click on the link titled 'Microsoft Windows XP (All Service Packs)'.

This is a POC for an IE exploit which was published on Full-Disclosure for IE 6.0.
URL: http://seclists.org/lists/fulldisclosure/2005/Nov/0665.html

Confirmed on Firefox 1.0.7(Debian Linux) and Flock(0.4.8).

Thanks.

Reproducible: Always

Steps to Reproduce:
1.Open Firefox
2.Enter the following URL:http://www.computerterrorism.com/research/ie/poc.htm
3.Click on link titled: 'Microsoft Windows XP (All Service Packs)'

Actual Results:  
CPU utilization went up to 100% and the application did not respond at all.

Expected Results:  
The browser should handle the exploit in a graceful manner.

The Exploit code tries to execute Windows native code and tries to launch 'calc.exe'(Calculator on Windows).More details on the POC exploit available in the Computer Terrorism advisory which was published on Full-Disclosure list:http://seclists.org/lists/fulldisclosure/2005/Nov/0665.html

	Martijn Wargers (dead)
	Comment 1 • 19 years ago

*** This bug has been marked as a duplicate of 317334 ***