Jj Del Carpio

Jj's web stream

Internet Explorer Javascript Exploit

This is the createTextRange() exploit

It affects patched versions of Internet Explorer 6, 7 with SP2. What the code does is make Internet Explorer encounter an exception that references a distant memory location, where currently there is nothing. But this cuold lead to the execution of arbitrary code found there.

Here a C program by milw0rm that creates index.html files that will crash Internet Explorer

This is a page that makes use of this exploit. This will crash your Internet Explorer!

The code looks something like this:

<input type="checkbox" id=&#39;c&#39;>




<script>




    r=document.getElementById("c");




    a=r.createTextRange();




</script>

It's been classified by Secunia as Very Critical

Jj Avatar of Jj

Reply or react to this post via Webmentions