New IE Exploit IE 又當掉了(測試 Opera 正常)
 

Microsoft is actually looking at an exploit in IE 6 that could cause it to crash! wow, rare. IE exploitable? See something new everday. But microsoft actually trying to fix it? We are special today are'nt we.

This exploit is set off by loading up malicious code from websites. It was announced on monday.

So far, there are no patches available. So if you are using IE 6, fully patched or not (God so help you) then try not to go onto malicious sites.

The exploit is in the mshtml.dll file. What happens is if a webscripter puts thousands of script action handlers for 1 html tag then the file will atempt to write an array so big it breaks the boundries that it will crash. Not fatal but can be very annoying.

A small list of example action handlers

onkeyup
onkeypress
onkeydown
onmousemove
onmousedown
onmouseup
onmouseout

When there is nothing else for the page to do, its a simple crash. If the page redirects you or does others things in the code then you will find it will crash later on, at an unpredictable time.
I have uploaded an example page. This will crash your browser (IE only).
New IE Exploit 下面URL 打開, MS IE 當掉了(測試 Opera 正常)
http://SecureFX.org/exploits/IE_6_Overflow_20_03_06.htm