Bugtraq mailing list archives
Re: IE4/5 "file://" buffer overflow
From: mikael.olsson () ENTERNET SE (Mikael Olsson)
Date: Tue, 9 Nov 1999 21:28:07 +0100
Hi! A couple of questions.... First of all, does this happen just by viewing the page, or do you have to click the link? If you have to click the link to get it to work, one might want to look into using: 1. Javascript redirect (document.location="file://AAAAA...") 2. Meta refresh tags 3. DownloadBehaviour? 4. Server Redirects (Location: file:/AAAAA...); Having an exploit go off by clicking on a file:// link is bad in and of itself. Having it go off just by viewing the page/email that contains the file:// link is the "Good Times"/"Win a vacation" virus hoax come true. On a side note: The server redirect thing would not provide direct execution, but could be used to to hide the fact that the link you're about to click is suspicious. Yum:-P /Mike UNYUN wrote:
Hello Microsoft Internet Explorer 4/5 overflows when the handling of "file://" specification. This overflow occurs when we are logging on to the Microsft Network, this overflow can be verified if the long name is specfied to the "file://". For example,
-- Mikael Olsson, EnterNet Sweden AB, Box 393, S-891 28 ÖRNSKÖLDSVIK Phone: +46-(0)660-105 50 Fax: +46-(0)660-122 50 Mobile: +46-(0)70-248 00 33 WWW: http://www.enternet.se E-mail: mikael.olsson () enternet se
Current thread:
- Re: Insecure handling of NetSol maintainer passwords, (continued)
- Re: Insecure handling of NetSol maintainer passwords pedward () WEBCOM COM (Nov 10)
- Re: Insecure handling of NetSol maintainer passwords Trevor Schroeder (Nov 10)
- networksolutions CRYPT-PW salt (was: Re: Insecure handling of NetSol maintainer passwords) Jefferson Ogata (Nov 10)
- [Cobalt] Security Advisory - cgiwrap Jeff Bilicki (Nov 09)
- Re: MS Outlook alert : Cuartango Active Setup - Workaround Instructions Andy Helsby (Nov 09)
- Remote DoS Attack in TransSoft's Broker Ftp Server v3.5 Vulnerability Ussr Labs (Nov 08)
- FreeBSD 3.3's seyon vulnerability Brock Tellier (Nov 08)
- Re: FreeBSD 3.3's seyon vulnerability Bill Fumerola (Nov 09)
- Re: MS Outlook alert : Cuartango Active Setup Bronek Kozicki (Nov 09)
- IE4/5 "file://" buffer overflow UNYUN (Nov 08)
- Re: IE4/5 "file://" buffer overflow Mikael Olsson (Nov 09)
- (no subject) Ejovi Nuwere (Nov 09)
- Remote DoS Attack in QVT/Term 'Plus' 4.2d FTP Server Vulnerability Ussr Labs (Nov 09)
- Multiples Remotes DoS Attacks in Artisoft XtraMail v1.11 Vulnerability Ussr Labs (Nov 10)
- Re: Guestbook.pl, sloppy SSI handling in Apache? (VD#2) Chuck Phillips (Nov 07)