|
|
|||||||
| 論壇說明 |
|
歡迎您來到『史萊姆論壇』 ^___^ 您目前正以訪客的身份瀏覽本論壇,訪客所擁有的權限將受到限制,您可以瀏覽本論壇大部份的版區與文章,但您將無法參與任何討論或是使用私人訊息與其他會員交流。若您希望擁有完整的使用權限,請註冊成為我們的一份子,註冊的程序十分簡單、快速,而且最重要的是--註冊是完全免費的! 請點擊這裡:『註冊成為我們的一份子!』 |
 |
|
|
主題工具 | 顯示模式 |
2006-03-24, 10:04 AM
|
#1 |
|
榮譽會員
 
|
New IE Exploit IE 又當掉了(測試 Opera 正常)
Microsoft is actually looking at an exploit in IE 6 that could cause it to crash! wow, rare. IE exploitable? See something new everday. But microsoft actually trying to fix it? We are special today are'nt we.
This exploit is set off by loading up malicious code from websites. It was announced on monday. So far, there are no patches available. So if you are using IE 6, fully patched or not (God so help you) then try not to go onto malicious sites. The exploit is in the mshtml.dll file. What happens is if a webscripter puts thousands of script action handlers for 1 html tag then the file will atempt to write an array so big it breaks the boundries that it will crash. Not fatal but can be very annoying. A small list of example action handlers onkeyup onkeypress onkeydown onmousemove onmousedown onmouseup onmouseout When there is nothing else for the page to do, its a simple crash. If the page redirects you or does others things in the code then you will find it will crash later on, at an unpredictable time. I have uploaded an example page. This will crash your browser (IE only). New IE Exploit 下面URL 打開, MS IE 當掉了(測試 Opera 正常) http://SecureFX.org/exploits/IE_6_Overflow_20_03_06.htm |
__________________
|
|
|
送花文章: 3,
|
平板模式
