Vulnerability Development mailing list archives
Re: Potential overflow in Internet Explorer
From: Felipe Franciosi <franciozzy () TERRA COM BR>
Date: Tue, 6 Feb 2001 08:19:25 -0200
Now I've seen the segfault of IE on an WinNT 4.0 with Internet Exploder 5.00.2919.6307. And what about this apache Forbidden message? Does anyone knows what that is about? Best Regards, Felipe On Mon, 5 Feb 2001 14:40:22 -0800 , "Pascal Jobin" <pascal.jobin () gsig-net qc ca> wrote:
I got a forbidden message too from an Apache 1.3.12 server running under Red hat linux 6.2 (Kernel 2.2.14-5.0). I run Win2000 Advanced server with IE 5.5. IE 5.5 nerver crash. Pascal Jobin ----- Original Message ----- From: "Felipe Franciosi" <franciozzy () TERRA COM BR> To: <VULN-DEV () SECURITYFOCUS COM> Sent: Monday, February 05, 2001 4:35 AM Subject: Re: Potential overflow in Internet ExplorerHi, I've tried with different lenghts of "a"s up to 1024 chars. The IE did NOT crashed, but when I used 1024 chars, I got a Forbidden message from an Apache 1.3.17 running on a Linux Slackware 7.1 with Kernel 2.2.18, instead of a 404. I'm sure the URL doesn't exist because I run the machine. :-) btw, the workstation is a win2k english professional edition with IE version 5.00.2920.0000, cipher 56-bit. []'s Felipe On Mon, 29 Jan 2001 20:12:20 -0800 , joetesta () HUSHMAIL COM wrote:Hi all -- While doing some testing on a web server, I discovered that Internet Explorer crashes when the following URL is typed in the address bar: http://www.server.com/[a lot of 'A's] Here is the resulting dump: IEXPLORE caused an invalid page fault in module <unknown> at 0000:41414141. Registers: EAX=00000000 CS=017f EIP=41414141 EFLGS=00010246 EBX=00000000 SS=0187 ESP=0058568c EBP=41414141 ECX=0000002e DS=0187 ESI=01eef058 FS=581f EDX=004bcd28 ES=0187 EDI=0042b6ac GS=0000 Bytes at CS:EIP: Stack dump: 41414141 41414141 41414141 41414141 41414141 41414141 41414141 41414141 41414141 41414141 41414141 41414141 41414141 41414141 41414141 41414141 I am using version 5.50.4522.1800 on Win98 SE with all criticalupdatesinstalled. I attempted to reproduce this crash on three other machines without success. Their version numbers where: 5.00.2614.3500, 5.50.4134.0100, 5.50.4134.0600 It seems as though this may be some sort of regression error, bad mix of software, or both. Can anyone else reproduce this? - Joe Testa ( joetesta () hushmail com )-- =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Felipe Franciosi franciozzy () corp terra com br UIN - 33596050 Suporte Nacional Terra Networks Brasil S.A. http://www.terra.com.br Porto Alegre - RS Fone: (51) 284 4230 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
-- =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Felipe Franciosi franciozzy () corp terra com br UIN - 33596050 Suporte Nacional Terra Networks Brasil S.A. http://www.terra.com.br Porto Alegre - RS Fone: (51) 284 4230 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Current thread:
- Potential overflow in Internet Explorer joetesta (Feb 03)
- Re: Potential overflow in Internet Explorer Greg Rice (Feb 04)
- AW: Potential overflow in Internet Explorer Gentleman (Feb 04)
- Re: AW: Potential overflow in Internet Explorer b1995 (Feb 04)
- Re: Potential overflow in Internet Explorer Robbert Muller (Feb 04)
- Re: Potential overflow in Internet Explorer Wouter Clarie (Feb 04)
- Re: Potential overflow in Internet Explorer Lord Soth (Feb 04)
- Re: Potential overflow in Internet Explorer Christopher Kunz (Feb 04)
- Re: Potential overflow in Internet Explorer Rio Martin (Feb 05)
- Re: Potential overflow in Internet Explorer Felipe Franciosi (Feb 05)
- Message not available
- Re: Potential overflow in Internet Explorer Felipe Franciosi (Feb 06)
- Re: Potential overflow in Internet Explorer Mike Fedyk (Feb 22)
- Message not available
- Re: Potential overflow in Internet Explorer William N. Zanatta (Feb 05)
- <Possible follow-ups>
- Re: Potential overflow in Internet Explorer Eric D. Williams (Feb 05)
- Re: Potential overflow in Internet Explorer Bojan Zdrnja (Feb 06)
- Re: Potential overflow in Internet Explorer Benjamin Branch (Feb 06)
- Re: Potential overflow in Internet Explorer Mike Sues (Feb 07)
- Re: Potential overflow in Internet Explorer Bojan Zdrnja (Feb 06)
- Re: Potential overflow in Internet Explorer Mike Duncan (Feb 05)
- Re: Potential overflow in Internet Explorer Arturo Busleiman (Feb 05)