IE8 is have a bug thats allow denial access to
function "save as" if a html document have a very
long title.
By default wen a user try to clik in "save as "
the browser use the html title as the file name to
save; but if this title is very long , explorer give
a error because it can´t save this file.
Explorer can´t save files with the title longer
than 261 characters , them explorer give a warning
with a error that the file can´t save.
I think that this not have any security implication,
and i send it to MSRC and they think the same.
MSRC Response:
"agree with your assessment that this does not appear to
be a security issue. It may be a bug though so I am going
to forward your information directly to the product team
for considerations in a future non-security update"
a simple PoC of this situation:
<HTML>
<TITLE>A*261 chars</TITLE>
<HTML>
###########End #################
thank to all Lostmon groups team
Thnx to estrella to be my ligth
atentamente:
Lostmon (lostmon@gmail.com)
Web-Blog: http://lostmon.blogspot.com/
Google group: http://groups.google.com/group/lostmon (new)
--
La curiosidad es lo que hace mover la mente....
Subscribe to:
Posts (Atom)