Vulnerability Development mailing list archives
Re: res:// weirdness
From: Bill Weiss <bill_weiss () ATT NET>
Date: Wed, 16 Aug 2000 00:23:28 -0700
----- Original Message ----- From: "Markku-Juhani Saarinen" <mjos () CC JYU FI> To: <VULN-DEV () SECURITYFOCUS COM> Sent: Tuesday, August 15, 2000 4:35 PM Subject: res:// weirdness
Hi, I don't know whether this is new or not, but the following URL seems to totally blow up IE 5, opening new windows until system resources are exhausted. This applies at least to NT 4 boxes with IE 5.5. res://shdocvw.dll/http_404.htm#http://www.securityfocus.com/ I found this basically while reading through SHDOCLC.DLL. If nothing special happens, try entering that url for the second time. Apparently cache is somehow involved with this thing.
Gave it a shot, and nothing happens on two test machines. One running NetCaptor (runs on top of IE 5.5), the other running IR 5.5 straight. Both running Windows 98 SE.
Current thread:
- res:// weirdness Markku-Juhani Saarinen (Aug 15)
- Re: res:// weirdness Bluefish (P.Magnusson) (Aug 16)
- Re: res:// weirdness Alex Schuetz (Aug 17)
- Re: res:// weirdness Bill Weiss (Aug 16)
- <Possible follow-ups>
- Re: res:// weirdness Markku-Juhani Saarinen (Aug 16)
- Re: res:// weirdness Bluefish (P.Magnusson) (Aug 16)