Another set of Vulnerabilities in Opera, Mozilla & Lynx, Discovered

Another set of vulnerabilities found today...

Opera HTML Parsing Errors Let Remote Users Deny Service

Impact: Denial of service via network
Exploit Included: Yes
Description: A vulnerability was reported in Opera in the parsing of HTML. A remote user can create HTML that, when loaded by the target user, will cause the target user's browser to crash.

Michal Zalewski reported that certain HTML tag sequences and formatting can cause denial of service conditions.

An excessive COL SPAN within a TBODY section will trigger a crash.

http://securitytracker.com/alerts/2004/Oct/1011811.html

Mozilla HTML Parsing Errors Let Remote Users Deny Service

Impact: Denial of service via network
Exploit Included: Yes
Description: A vulnerability was reported in Mozilla in the parsing of HTML. A remote user can create HTML that, when loaded by the target user, will cause the target user's browser to crash.

Michal Zalewski reported that certain HTML tag sequences and formatting can cause denial of service conditions.

Some TEXTAREA, INPUT, FRAMESET, and IMG tags followed by a NUL and some additional characters can trigger a crash.

Also, an "unusual combination of visual elements" can trigger a crash.

http://securitytracker.com/alerts/2004/Oct/1011810.html

Lynx HTML Parsing Errors Let Remote Users Deny Service

Impact: Denial of service via network
Exploit Included: Yes
Description: A vulnerability was reported in Lynx in the parsing of HTML. A remote user can create HTML that, when loaded by the target user, will cause the target user's browser to crash.

Michal Zalewski reported that certain HTML tag sequences and formatting can cause denial of service conditions.

"Broken HTML" can trigger a crash.

http://securitytracker.com/alerts/2004/Oct/1011809.html


THE MUL