Just one more flaw in 5.5 I guess
5.00.3103.1000
Win2K SP1
Page cannot be displayed, no crash...
http://: no crash
gopher://: crashes
gopher://:123 no crash
Debugging the gopher one, disassembly shows it crapped out on:
6303F75B mov byte ptr [eax+ecx],bl
Jon Zobrist
Manager Information Systems
Avaltus, Inc.
801-303-2101
kgb_at_ussr.com
----- Original Message -----
From: "Russ Spooner" <labrat_at_interrorem.com>
To: <VULN-DEV_at_securityfocus.com>
Sent: Wednesday, May 16, 2001 2:41 AM
Subject: RE: IE 5.x (5.50.4522.1800 SP1) Crash at gopher://:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> There would seem to be many ways of getting IE5 to die
>
> Running 5.50.4522.1800 under win2Kpro sp1
>
> tr the following for instance:
>
> http://:123/
>
>
> Not entirely useful unless you can cause malicious code to run on the
> remote machine.
>
> I guess the payload could be part of the url...
>
> It is anoying though.
>
> - -----------------------------------------+
> Russ Spooner (Mobile : 07771 544971) |
> Interrorem: Network Security Specialists |
> Software vulnerability testing & defence |
> Protecting business : www.interrorem.com |
>
>
>
> - -----Original Message-----
> From: Fernando Merino Levadinha [mailto:chuck_at_bn.com.br]
> Sent: 15 May 2001 22:42
> To: VULN-DEV_at_securityfocus.com
> Subject: IE 5.x (5.50.4522.1800 SP1) Crash at gopher://:
>
>
> Hi list,
>
> it's seem to be a new bug, i crashed my IE 5.x (5.50.4522.1800 SP1)
> with
> this URL:
>
> gopher://:
>
> it's like an older BUG in IE 4.x (ftp://:)
>
> regards,
>
> - --
>
> Fernando Merino Levadinha
> USJT Network Administrator
> fernando_at_usjt.br - [icq] 7452105
>
> PGP Fingerprint: A752 7473 A351 5D87 045D 3205 0C09 8C2F 4B99 0D20
>
>
>
>
> -----BEGIN PGP SIGNATURE-----
> Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>
>
> iQA/AwUBOwI9JFKMcg0VZCu/EQISVwCg/pfoKUZ8PAhz3wm+O2o8QI5qRiAAoLgp
> 8dPaoTeVytIlOjUp7ij2hjj9
> =iQ1O
> -----END PGP SIGNATURE-----
>
>
Received on May 21 2001
Intro
