the mul
October 21st, 2004, 05:52 AM
Another set of vulnerabilities found today... :o
Opera HTML Parsing Errors Let Remote Users Deny Service
Impact: Denial of service via network
Exploit Included: Yes
Description: A vulnerability was reported in Opera in the parsing of HTML. A remote user can create HTML that, when loaded by the target user, will cause the target user's browser to crash.
Michal Zalewski reported that certain HTML tag sequences and formatting can cause denial of service conditions.
An excessive COL SPAN within a TBODY section will trigger a crash.
http://securitytracker.com/alerts/2004/Oct/1011811.html
Mozilla HTML Parsing Errors Let Remote Users Deny Service
Impact: Denial of service via network
Exploit Included: Yes
Description: A vulnerability was reported in Mozilla in the parsing of HTML. A remote user can create HTML that, when loaded by the target user, will cause the target user's browser to crash.
Michal Zalewski reported that certain HTML tag sequences and formatting can cause denial of service conditions.
Some TEXTAREA, INPUT, FRAMESET, and IMG tags followed by a NUL and some additional characters can trigger a crash.
Also, an "unusual combination of visual elements" can trigger a crash.
http://securitytracker.com/alerts/2004/Oct/1011810.html
Lynx HTML Parsing Errors Let Remote Users Deny Service
Impact: Denial of service via network
Exploit Included: Yes
Description: A vulnerability was reported in Lynx in the parsing of HTML. A remote user can create HTML that, when loaded by the target user, will cause the target user's browser to crash.
Michal Zalewski reported that certain HTML tag sequences and formatting can cause denial of service conditions.
"Broken HTML" can trigger a crash.
http://securitytracker.com/alerts/2004/Oct/1011809.html
THE MUL
Opera HTML Parsing Errors Let Remote Users Deny Service
Impact: Denial of service via network
Exploit Included: Yes
Description: A vulnerability was reported in Opera in the parsing of HTML. A remote user can create HTML that, when loaded by the target user, will cause the target user's browser to crash.
Michal Zalewski reported that certain HTML tag sequences and formatting can cause denial of service conditions.
An excessive COL SPAN within a TBODY section will trigger a crash.
http://securitytracker.com/alerts/2004/Oct/1011811.html
Mozilla HTML Parsing Errors Let Remote Users Deny Service
Impact: Denial of service via network
Exploit Included: Yes
Description: A vulnerability was reported in Mozilla in the parsing of HTML. A remote user can create HTML that, when loaded by the target user, will cause the target user's browser to crash.
Michal Zalewski reported that certain HTML tag sequences and formatting can cause denial of service conditions.
Some TEXTAREA, INPUT, FRAMESET, and IMG tags followed by a NUL and some additional characters can trigger a crash.
Also, an "unusual combination of visual elements" can trigger a crash.
http://securitytracker.com/alerts/2004/Oct/1011810.html
Lynx HTML Parsing Errors Let Remote Users Deny Service
Impact: Denial of service via network
Exploit Included: Yes
Description: A vulnerability was reported in Lynx in the parsing of HTML. A remote user can create HTML that, when loaded by the target user, will cause the target user's browser to crash.
Michal Zalewski reported that certain HTML tag sequences and formatting can cause denial of service conditions.
"Broken HTML" can trigger a crash.
http://securitytracker.com/alerts/2004/Oct/1011809.html
THE MUL