On Mon, 7 May 2001, Uidam, T (Tim) wrote:
> NOT Vulnerable on IE 5.5 SP1 (no hotfixes) on WinNT 4 SP5.
>
> Nope, not even the tiniest glitch. If a valid FTP address is put in place of
> "whatever" it simply displays the FTP root in the browser window.
>
> Running ftp://whatever/.#./ from Start/Run launches IE, and displays "cannot
> Find Server" with ftp://whatever// in the address bar.
>
> -----Original Message-----
> From: Elie Aka Lupin Bursztein [mailto:secu_at_BURSZTEIN.NET]
> Sent: Saturday, 5 May 2001 8:35
> To: VULN-DEV_at_SECURITYFOCUS.COM
> Subject: [bug]: Cause IE 5.X to crash
>
> the following url Crash IE : "ftp://whatever//.#./"
Uhh, note that you're trying
ftp://whatever/.#./
and the OP said to try
ftp://whatever//.#./
^^
Could you confirm that you tried it with TWO slashes?
One slash doesn't crash IE 5.5 SP1 on NT4SP6 but two slashes does.
Damian Menscher
--
--==## Grad. student & Sys. Admin. @ U. Illinois at Urbana-Champaign ##==--
--==## <menscher_at_uiuc.edu> www.uiuc.edu/~menscher/ Ofc:(217)333-0038 ##==--
--==## Physics Dept, 1110 W Green, Urbana IL 61801 Fax:(217)333-9819 ##==--
Received on May 11 2001
Intro
