0-Day : IE 6.0 SP2 (mshtml.dll) DoS exploit (PoC)

Another exciting day for Internet Explorer surfers!

This morning we’re going to list a DoS exploit released in the wild early this morning. This exploit isn’t as serious as the one we went over yesterday regarding WMF. I consider this DoS exploit more of an annoyance than a threat. Not to mention this only affects IE users; however, it affects all of you at this point. First we’re going to list the code for this exploit, discovered by rgod, and then we’ll go over recommended solutions and follow up with the PoC.


< .head.>
< .style.>< .!-- #page div p:first-child:first-letter { border-bottom: 2px ridge #F5DEB3; } //-->
< ./style.>
< ./head.>
< .body.>< .div id="page">

< .strong.>suntzu< ./strong.>< ./p.>< ./div.>< ./p.>< ./div.>

As you can see, this is a very simple attack and very easy to create. The good news is, I don’t see many people using this exploit for any benefit; at most it’s an annoyance, but who knows, this could escalate into something bigger. However, since the WMF exploit is public now, I think the malicious users will be focusing on that bad boy.

Recommended Solution:
Mozilla Firefox 1.5 Final w/ NoScript

I know this isn’t a solution for die-hard Internet Explorer users. However, regardless of the reason, we recommend using multiple browsers for different browsing habits. If you’re extra paranoid you can even go as far as running VMware Workstation 5.5.

Proof Of Concept:
Crash Internet Explorer 6.0

Note: clicking this link using Internet Explorer is pointless unless you actually want to crash your browser. We are unaware of any way around this using Internet Explorer as of now. If you know otherwise, please advise…


