HTML Rendering Crashes IE 1000
SlimySlimy writes "According to this article on Secunia, a new IE exploit was found that crashes almost any version of Internet Explorer past 4.0 with just 5 lines of plain HTML code (no JavaScript, ActiveX, etc.). If you're very brave, you can test/crash your IE by going here." There's also a note on SecurityFocus.
Wonder if that works deeper in a page (Score:5, Funny)
Poetic Justice (Score:2, Funny)
<html>
<form>
<input type crash>
</form>
</html>
This has to be somthing put into ie on purpose... (Score:2, Funny)
Lets look at the code shall we:
An html tag, a form tag, then this:
A closing form tag, and closing html tag.
!?
You _MUST_ be kidding me...
Not a crash! (Score:2, Funny)
download the patch (Score:5, Funny)
Please note that this is a pretty bloated patch, but well worth it. ;)
No bugs here (Score:4, Funny)
input type _____ (Score:3, Funny)
input type giveBoBathan$1,000,000USD
Unfortunatly, Microsoft must have known of this potential exploit.
--Travis
So is IE 5.1.6 on OS 9.XX (Score:3, Funny)
Where is this IE you speak of? (Score:5, Funny)
Its now my new homepage!! (Score:2, Funny)
Re:input type _____ (Score:4, Funny)
Couldn't resist. (Score:5, Funny)
Who else couldn't resist from clicking on the link that would crash IE?
Re:OS X IE Is Unaffected (Score:2, Funny)
Running IE 6 on 2000 pro.
guess I have to fire up Mo*illa to see what the lines of html are.
# There is a key broken on my laptop and I am not
# getting out of bed at four in the morning to
# plug in the keyboard
Re:what happens? (Score:5, Funny)
That's why he freaks out sometimes and starts screaming DEVELOPERS DEVELOPERS DEVELOPERS DEVELOPERS!!
Re:Hah! I've got something that will crash IE also (Score:5, Funny)
What I really want to see... (Score:5, Funny)
Re:Bizarre (Score:2, Funny)
Re:Where is this IE you speak of? (Score:2, Funny)
*CUE MUSIC*
There she is... la la blah whateveerrr...
Do Not Download this patch! (Score:5, Funny)
1. All of my x10 ads are missing. I would like to remain up to date on the advances in wireless webcam technology and x10's implied use on spying on girls without their consent.
2. There is a *major* bug that hides webpages behind other webpages. I found a half-ass fix for now: click on the "tabs" at the top.
3. This patch broke both Comet Cursor and Hotbar. Worse, they're not auto-installing when I visit certain webpages or when I click on my co-workers "Upgrade Outlook for colors and background" emails.
4. My script debugging isn't working anymore. Sure, I have no idea what all that techno-babble means, but I know its broken!
5. Where the heck is msn.com now?
Aren't you people missing something? (Score:2, Funny)
This is a *SPLENDID* way to keep internet exploder (l)users away from webpages.
You don't want the average person to visit your website? smiple, insert 1 wee little line of code, et voila, bob's your uncle.
Come to think of it...if
(Hah! syeah right! Wishfull thinking
<wonderful dream>
It'll take 6 months before micro$oft fixes the problem, so that'll give the rest of us six months of troll-free slashdot happiness
<reality>
Having said that, I'm using Exploder on WinMe to submit this post - but mind you, it's the first time in 2 months I've been anywhere near windows - and yes, thats a real bug, it did crash - exploder only though...I figured windows would keel over with it. How eh...dissappointing
Ironic thoughts for the day:
1) this IE bug WILL become a feature.
<insert appropriate marketspeak here>
2) This post will get rated 'Troll'
Re:OS X IE Is Unaffected (Score:5, Funny)
I've had it. I'm switching.
<input type crash> will crash the browser... (Score:2, Funny)
Re:Opera and Mozilla are not affected. (Score:5, Funny)
Get the Fix! (Score:4, Funny)
BugFix Q3823982
This patch solves a vulnerability with Microsoft Internet Explorer Versions 4.0, 5.0, 5.5 and 6.0. A missing validation allowed snippits of code such as <form><input type cras.....
-----
This program has had a critical error and must be shut down...
This is correct behavior (Score:5, Funny)
just to make sure (Score:1, Funny)
Who needs a few lines.. (Score:2, Funny)
MOD PARENT UP AS FUNNY (Score:2, Funny)
Re:Not a crash! (Score:2, Funny)
Re:OS X IE Is Unaffected (Score:1, Funny)
Re:Two points of significance for crashes. (Score:5, Funny)
Man, do I wish someone would tell the Mozilla team that...
Re:Microsoft...bleh. (Score:2, Funny)
Re:MSFT Mac Apps (Score:5, Funny)
- Windows Media Player for the Mac (they need a better name for that app) works, but feels like quick and dirty port...
No big surprise, it feels that way under Windows as well.Re:Worth Pointing Out, I Think (Score:5, Funny)
Re:OS X IE Is Unaffected (Score:0, Funny)
I wonder about IE + Linux + Wine?
In related news......... (Score:2, Funny)
Re:Couldn't resist. (Score:2, Funny)
Re:I tried with Opera (Score:3, Funny)
Re:OS X IE Is Unaffected (Score:5, Funny)
Re:Poetic Justice (Score:2, Funny)
For the humor impaired I am using mozilla to post this.
OSS and the w3 falling behind - AGAIN! (Score:5, Funny)
Why is it that Microsoft is saddled with the burden of creating useful standards? Isn't this supposed to be the job of the w3?
I expect we'll have to wait a few years to see it in Moz and by then, microsoft will have implemented <input type explode into tiny pieces> or something even more spectacular.
Re:Very big deal (Score:2, Funny)
THIS NEVER HAPPENS ANYWHERE ELSE! Thank GOD the rest of the world is bug-free!
Re:Hah! I've got something that will crash IE also (Score:2, Funny)
It did not crash Lynx (Score:5, Funny)
IE on Solaris (Score:1, Funny)
Mind you, so does looking at it a bit funny
What if... (Score:2, Funny)
<input type bluescreen>
<input type slow_machine_to_crawl>
<input type bsa_audit>
<input type flood_ISP [slashdot.org]>
exist and they just haven't been discovered yet.
Re:Two points of significance for crashes. (Score:2, Funny)
I'm sure they'd be happy to give you your money back.
This is not fair (Score:2, Funny)
Would thid be proof ... (Score:1, Funny)
Re:Bugs, crashes (Score:3, Funny)
Nah, it's a feature, man! It prevents IE users from seeing non-Microsoft-certified websites!
Re:OS X IE Is Unaffected (Score:3, Funny)
Re:mozilla crashes too (Score:5, Funny)
Give it up for the Halting Problem Solution. Whoo whoo!
Re:Careful with those emails! (Score:3, Funny)
Re:Inquirer says one line (Score:5, Funny)
It's not a bug, it's a feature! The "crash" input type allows the user to crash the browser. It's very useful and another Microsoft (TM) innovation.
Re:Opera and Mozilla are not affected. (Score:5, Funny)
IE is doing exactly what the tag is telling it to do. It's a feature, not a bug!
Re:Crashing != bug (Score:2, Funny)
What, like a mediaeval monk? ;-)
I can do it in 12 bytes!!!! (Score:2, Funny)
<input type>
That's all. None of that unneeded crap. 12 bytes and crash!! The most efficient IE crasher web page yet. Beat that! I dare you.
Re:Wait a minute. (Score:3, Funny)
Maybe because no one can read it? What does it say? It appears to use english words, but well...
crash test (Score:3, Funny)
It wor
IE under XP crashes (Score:2, Funny)
Re:Two points of significance for crashes. (Score:5, Funny)
Only in the same sense that the Sports Illustrated football phone is free.
IE (Score:2, Funny)
MS Crash Month (Score:3, Funny)
Isn't every month MS crash month?
Re:NULL pointers and error handling (Score:3, Funny)
Another vile interface with idiot lights is the one that has an indecipherable light. Several mechanics have not been able to figure out what it means that one idiot light in my car sometimes comes on. One time it was fixed for about a week by adding oil (the oil light didn't come one, but when I checked the dipstick it was v. low). The owner's manual is... inscrutable.
Now, how to tie this back to null pointers... null pointers are sometimes 0 values that get stuck into pointers by accident. I don't think I've ever seen a good valid use of a null pointer as a pointer. But it's the default initial value (when there is one). So null pointer references *should* be disallowed. But I've encountered bad valid uses of null pointers. I've seen code where location 0 was used to store a value that needed to be globally accessible. (This may have been on a Z80, or some such.) Now that was a bad valid use of a 0 pointer, but it did allow code to be relocated. The problem was, if you encountered a pointer, you couldn't tell the difference between a null pointer and a 0 pointer. This lead to many troublesome errors. A far better choice is to just disallow it.
input type crash (Score:4, Funny)
Would the inverse apply? (Score:3, Funny)
Re:Crasher warning (Score:1, Funny)
Comic Book Guy: "Yeah like thats a useful invention"
(Sound of exploding Device)