Bugtraq mailing list archives
Re: [Full-Disclosure] RE: Internet Explorer - Multiple Vulnerabilities
From: "Berend-Jan Wever" <SkyLined () edup tudelft nl>
Date: Wed, 21 Jan 2004 14:47:57 +0100
I looked into the "buffer overflow": it's actually a stack overflow. This means Outlook Express just runs out of stack space and terminates. Nothing is overwritten, this is not exploitable to gain unauthorized access or elevate priviledges. Cheers, SkyLined
These are not IE vulnerabilities. In all, you have described several ways to do some basic ressource exhaustion by using Internet Explorer as well as an abnomaly in the Apache server and a possible exploitable buffer overflow in Outlook Express. The latter is definitely interesting, provided it is exploitable at all, but
the
first items are not security vulnerabilities - details below.
Current thread:
- Internet Explorer - Multiple Vulnerabilities Rafel Ivgi, The-Insider (Jan 20)
- <Possible follow-ups>
- RE: Internet Explorer - Multiple Vulnerabilities Thor Larholm (Jan 21)
- Re: [Full-Disclosure] RE: Internet Explorer - Multiple Vulnerabilities Berend-Jan Wever (Jan 21)