Bugtraq mailing list archives

Re: {\rtf\a112911112911112911112911...112911} in the body will cr ash OE5 clients.

From: eric () INFOBRO COM (Eric D. Williams)
Date: Fri, 25 Feb 2000 12:42:32 -0500


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Problems also noted with Outlook 97 - version info: 8.04.5619
Windows NT Server - sp 6a

Eric

Eric Williams, Pres.
Information Brokers, Inc.    Phone: +1 202.889.4395
http://www.infobro.com/        Fax: +1 202.889.4396
mailto:eric () infobro com      Pager: +1 301.303.8998
           For More Info: info () infobro com
                    PGP Public Key
   http://new.infobro.com/KeyServ/EricDWilliams.asc
Finger Print: 1055 8AED 9783 2378 73EF  7B19 0544 A590 FF65 B789

On Thursday, February 24, 2000 2:10 AM, Dawes, Rogan (ZA - JNB)
[SMTP:rdawes () DELOITTE CO ZA] wrote:

And having it in the subject causes funnies with the full outlook

client as well.

I was scrolling through the bugtraq messages, and noted that this
message(call it #2) had the same subject that the previous

message(#1) did,

although the window title had been updated appropriately. Moving on

to the

next message (#3), and going back again left me with the subject

from

message #3 showing on the subject line.

It may be possible to overflow Outlook itself by including a

carefully

crafted subject line.

Outlook version 9.0.0.2711 on NT 4 SP5

Rogan

-----Original Message-----
From: Indeera [mailto:indeera_ () HOTMAIL COM]
Sent: Wednesday, February 23, 2000 11:49 PM
To: BUGTRAQ () SECURITYFOCUS COM
Subject: {\rtf\a112911112911112911112911...112911} in the body

will

crash OE5 clients.


This was tested by sending a message having the above string
in the body
from hotmail to OE5 client version 5.50.3825.400 on NT4
server  sp6. first
experianced while trying to open the message sent by Pauli
Ojanpera subject
reading 'riched32.dll buffer overflow'. Might not work in other

OE5

versions.  Just thought some one might be interested in this.
cheers
ind
______________________________________________________
Get Your Private, Free Email at http://www.hotmail.com

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 5.5.5 for non-commercial use <http://www.nai.com>

iQA/AwUBOLa/AAVEpZD/ZbeJEQLyEACdGHrrYuTFx+tIyLA0vxBfWLE5p+QAoJYR
KndkyUGH2fQ+RpAP/rZErLwo
=z6dl
-----END PGP SIGNATURE-----

Current thread:

Re: {\rtf\a112911112911112911112911...112911} in the body will cr ash OE5 clients. Dawes, Rogan (ZA - JNB) (Feb 23)
- <Possible follow-ups>
- Re: {\rtf\a112911112911112911112911...112911} in the body will cr ash OE5 clients. Eric D. Williams (Feb 25)