Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: {\rtf\a112911112911112911112911...112911} in the body will cr ash OE5 clients.
From: eric () INFOBRO COM (Eric D. Williams)
Date: Fri, 25 Feb 2000 12:42:32 -0500


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Problems also noted with Outlook 97 - version info: 8.04.5619
Windows NT Server - sp 6a

Eric

Eric Williams, Pres.
Information Brokers, Inc.    Phone: +1 202.889.4395
http://www.infobro.com/        Fax: +1 202.889.4396
mailto:eric () infobro com      Pager: +1 301.303.8998
           For More Info: info () infobro com
                    PGP Public Key
   http://new.infobro.com/KeyServ/EricDWilliams.asc
Finger Print: 1055 8AED 9783 2378 73EF  7B19 0544 A590 FF65 B789

On Thursday, February 24, 2000 2:10 AM, Dawes, Rogan (ZA - JNB)
[SMTP:rdawes () DELOITTE CO ZA] wrote:
And having it in the subject causes funnies with the full outlook
2000
client as well.

I was scrolling through the bugtraq messages, and noted that this
message(call it #2) had the same subject that the previous
message(#1) did,
although the window title had been updated appropriately. Moving on
to the
next message (#3), and going back again left me with the subject
from
message #3 showing on the subject line.

It may be possible to overflow Outlook itself by including a
carefully
crafted subject line.

Outlook version 9.0.0.2711 on NT 4 SP5

Rogan

-----Original Message-----
From: Indeera [mailto:indeera_ () HOTMAIL COM]
Sent: Wednesday, February 23, 2000 11:49 PM
To: BUGTRAQ () SECURITYFOCUS COM
Subject: {\rtf\a112911112911112911112911...112911} in the body
will
crash OE5 clients.


This was tested by sending a message having the above string
in the body
from hotmail to OE5 client version 5.50.3825.400 on NT4
server  sp6. first
experianced while trying to open the message sent by Pauli
Ojanpera subject
reading 'riched32.dll buffer overflow'. Might not work in other
OE5
versions.  Just thought some one might be interested in this.
cheers
ind
______________________________________________________
Get Your Private, Free Email at http://www.hotmail.com

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 5.5.5 for non-commercial use <http://www.nai.com>

iQA/AwUBOLa/AAVEpZD/ZbeJEQLyEACdGHrrYuTFx+tIyLA0vxBfWLE5p+QAoJYR
KndkyUGH2fQ+RpAP/rZErLwo
=z6dl
-----END PGP SIGNATURE-----


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault