undefined | Better HN

0 pointsshadowgovt2y ago0 comments

Does disabling JavaScript also disable loading iframes? IIRC it does not, but my memory's hazy on the topic.

This exploit allows arbitrary code execution by requesting too big a height for an iframe, which corrupts a GDI data structure.

https://www.cvedetails.com/cve/CVE-2011-5046/

0 comments

ocdtrekkie2y ago

iframes are purely an HTML element. Of course, this flaw is patched in the latest Windows 7, but it's a great example of the potential risks nonetheless.

j / k navigate · click thread line to collapse

0 comments

ocdtrekkie2y ago

iframes are purely an HTML element. Of course, this flaw is patched in the latest Windows 7, but it's a great example of the potential risks nonetheless.

j / k navigate · click thread line to collapse