IE Exploder

Subject: IE 6.0 SSL Warning dialog stack overflow
Date: Mon, 28 Nov 2005 11:26:13 +0100
To: secure@microsoft.com
From: FX

Hi,

IE seems to have an issue with pages served over plain text HTTP where
images and possibly other resources are embedded with HTTPS links and the
certificate validation fails. The browser displays the appropriate warning
dialog for each embedded element, causing a stack overflow and termination of
the process. The speakers page of this year’s CCC Congress serves as
unintentional example and led to the discovery of this bug.
http://events.ccc.de/congress/2005/fahrplan/speakers.en.html

Tested with: IE 6.0.2900.2180.xpsp_sp2_gdr.050301-1519 / XPSP2 German.

cheers
FX


FX
Phenoelit (http://www.phenoelit.de)
672D 64B2 DE42 FCF7 8A5E E43B C0C1 A242 6D63 B564

Links extern:
22C3 Weblog » Blog Archive » Congress Webpage: 1, Microsoft Internet Explorer: 0
22C3: Private Investigations – Speakers

0 Responses to “IE Exploder”


Comments are currently closed.