Crash IE with plain HTML

<html>
<form>
<input type crash>
</form>
</html>

Click here (warning IE *will* crash)

 

[BillGates]

Any volunteers?

 

[Chumpman]

It is confirmed, IE does crash.

 

[rh71]

Only IE ? Don't have my dev machine handy with all the other browsers...

 

http://www.theinquirer.net/?article=9288

Internet Explorer's dumbest bug ever revealed

One line of HTML and it's dead

By Staff at the Newsdesk: Friday 02 May 2003, 18:08

BORED OF CREATING buffer overflow possibilities and security gaps an electronic elephant could walk through, Microsoft's Internet Explorer development team has turned its attention to good old HTML. Thankfully, this bug just crashes IE. Embarrassingly for the Vole, it's done with just one malformed line of HTML.

The bug is listed on BugTraq as requiring five lines of HTML but, after a small amount of experimentation, you'll find that it can be done with just one line of HTML. The offending line?

<input type crash>

In fact, the word "crash" doesn't really make any difference; you can put "calamari" or "IE sucks" in there and it will still go belly up.

So the Vole has definitely managed to outdo itself this time. According to Neowin, Outlook, Frontpage and anything else that uses shlwapi.dll suffers the same fate. So that simple line of malformed HTML could stop you from reading your email too.

 

[Entity]

Displays just fine in opera.

Rob

 

I just sent myself an email with the code in it and it crashed outlook. This is bad. I guess Microsoft's developers are going to be working today.

 

[Adul]

Originally posted by: dwell
I just sent myself an email with the code in it and it crashed outlook. This is bad. I guess Microsoft's developers are going to be working today.

haha damn it works!

AMEESH FIX THIS NOW!

 

[ElFenix]

ah, good old mozilla

 

[Hammer]

yup crashed

 

[Barnaby W. Füi]

/me ponders adding it to every page in his website just for fun

 

[NuclearFusi0n]

<3 Phoenix/Mozilla/Firebird/whatever the hell they call it now

 

[amnesiac]

Hahaha that's funny. It works.

 

[Legendary]

How entertaining...

 

[illusion88]

Originally posted by: Legendary
How entertaining...

hehe
what a simple email bomb. Lol could be a good practical joke.

 

[notfred]

Safari renders it the same as <input type="text"> (a normal text input field)

 

[Wallydraigle]

That's not a bug, it's a feature.

 

[911paramedic]

That's pretty bad, not too many "common" internet peeps update their IE, this is going to cause problems for a while.

 

[Wallydraigle]

I think I just crashed my ISP's mail server. I can't send anything now. Oops

 

[Harvey]

Doesn't crash NS 6.23.

At Microsoft, failure is not an option -- It's built in. :Q

 

[Mookow]

Originally posted by: dwell

Click here (warning IE *will* crash)

Thank you, I just got a new AIM away message...

 

[Shawn]

funny!

 

[911paramedic]

Originally posted by: Harvey
Doesn't crash NS 6.23.

At Microsoft, failure is not an option -- It's built in. :Q

NS? Can you say non-compliant?

NS would be great if they would just comply with standard codes...

 

[MercenaryForHire]

LMFAO ... I can't believe that works.

- M4H

 

[ReiAyanami]

lower your firewalls and be....