Hi all, The problem is surely related to the serial communication ports. It can also, besides from the AUX call, be reproduced with a file:///c:/com1 or file:///c:/com2 and so on ;-)
It�s possible to remotely DoS a browser this way. I�ve recieved several reports, that this issue affects many other browsers, and can cause Mcirosoft Windows to completely crash. I have put up a new testpage using a simple: <img src=file:///c:/com1> at: http://www.krusesecurity.dk/com1_dos.htm [Don�t go there unless you really want to!] This attack can also be conducted with HTML based e-mails. Med venlig hilsen // Kind regards Peter Kruse Kruse Security http://www.krusesecurity.dk _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
