HTML IMG tag width can be used to crash various Web browsers
| http-img-overflow (2039) |  Medium Risk |
Description:
The Lynx and Internet Explorer Web browsers (an possibly others) can be crashed with a Web page that contains an IMG tag with a width parameter set to an abnormally long value. This vulnerability is not known to lead to any type of unauthorized access.
Consequences:
Denial of Service
Remedy:
No remedy available as of July 9, 2011.
References:
- BugTraq Mailing List, Tue, 16 Mar 1999 00:26:31 +0100: Lynx 2.8 overflow.
- CVE-1999-0465: Remote attackers can crash Lynx and Internet Explorer using an IMG tag with a large width parameter.
Platforms Affected:
- Lynx Lynx
- Microsoft Internet Explorer
Reported:
Mar 16, 1999
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net