HTTP: Internet Explorer <IMG> Infinite Loop DoS
This signature detects attempts to exploit a known vulnerability in Microsoft Internet Explorer (IE). When IE attempts to create an image (img) with an invalid source (src), the onError event is triggered, which resets the src attribute to the same invalid src, creating an infinite loop (the onError event causes itself). Attackers can send a maliciously crafted URL containing an invalid image source to produce an infinite loop, causing the stack to overflow and creating a denial of service (DoS).
Short Name
HTTP:STC:IE:IE-IMG-INF-DOS
Severity
Warning
Recommended
False
Recommended Action
None
Category
HTTP
Keywords
<IMG> DoS Explorer Infinite Internet Loop
Release Date
04/22/2003
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown