Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

bugtraq logo Bugtraq mailing list archives

Re: IE6 SP1 - Click N Crash is old news
From: "Berend-Jan Wever" <skylined () edup tudelft nl>
Date: Tue, 15 Feb 2005 23:08:26 +0100
Discovered by : Gregory R. Panakkal

Incorrect: E.Kellinis reported it on Friday, May 07, 2004 to bugtraq:
http://www.securityfocus.com/archive/1/362524/2004-05-06/2004-05-12/0



Pointing a link to the URI -> file://!:\ [replace !
with the character with ascii value for eg:- 0xA0].
Causes IE6-SP1 to crash, the illegal op occuring in
user32.dll. Other special characters are also
possible.


More details can be found here:
http://lists.netsys.com/pipermail/full-disclosure/2004-May/021272.html
http://lists.netsys.com/pipermail/full-disclosure/2004-December/030115.html

                        .-----------------------------------,
                       / Berend-Jan Wever aka SkyLined       )
                      / skylined () edup tudelft nl            / \
                     / http://www.edup.tudelft.nl/~bjwever /  /
                    / PGP key ID 0x48479882               /  /
                   / .----.            ,                 /  /
                  / (      '  /       /  .     __   __/ /  /
                 /   `'-._   /.' | / /  / ( / /_.'.' / /  /
                (         ) / )  |/ /  / / ) (__ (__/ /  /
                 \-------' ------` '-----------------<  /
                  \______.`\______\/\_________________\/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]