Vulnerability Development mailing list archives
Re: Potential overflow in Internet Explorer
From: Greg Rice <grice () IASTATE EDU>
Date: Sat, 3 Feb 2001 18:35:07 -0600
i have been unable to reproduce this on win2k and NT boxes with IE5.5. has anyone tried this on WinMe yet? have you tried manipulating the input to figure the exact length needed to cause the overflow? greg ----- Original Message ----- From: <joetesta () HUSHMAIL COM> To: <VULN-DEV () SECURITYFOCUS COM> Sent: Monday, January 29, 2001 10:12 PM Subject: Potential overflow in Internet Explorer
Hi all -- While doing some testing on a web server, I discovered that Internet Explorer crashes when the following URL is typed in the address bar: http://www.server.com/[a lot of 'A's] Here is the resulting dump: IEXPLORE caused an invalid page fault in module <unknown> at 0000:41414141. Registers: EAX=00000000 CS=017f EIP=41414141 EFLGS=00010246 EBX=00000000 SS=0187 ESP=0058568c EBP=41414141 ECX=0000002e DS=0187 ESI=01eef058 FS=581f EDX=004bcd28 ES=0187 EDI=0042b6ac GS=0000 Bytes at CS:EIP: Stack dump: 41414141 41414141 41414141 41414141 41414141 41414141 41414141 41414141 41414141 41414141 41414141 41414141 41414141 41414141 41414141 41414141 I am using version 5.50.4522.1800 on Win98 SE with all critical
updates
installed. I attempted to reproduce this crash on three other machines without success. Their version numbers where: 5.00.2614.3500, 5.50.4134.0100, 5.50.4134.0600 It seems as though this may be some sort of regression error, bad mix of software, or both. Can anyone else reproduce this? - Joe Testa ( joetesta () hushmail com )
Current thread:
- Potential overflow in Internet Explorer joetesta (Feb 03)
- Re: Potential overflow in Internet Explorer Greg Rice (Feb 04)
- AW: Potential overflow in Internet Explorer Gentleman (Feb 04)
- Re: AW: Potential overflow in Internet Explorer b1995 (Feb 04)
- Re: Potential overflow in Internet Explorer Robbert Muller (Feb 04)
- Re: Potential overflow in Internet Explorer Wouter Clarie (Feb 04)
- Re: Potential overflow in Internet Explorer Lord Soth (Feb 04)
- Re: Potential overflow in Internet Explorer Christopher Kunz (Feb 04)
- Re: Potential overflow in Internet Explorer Rio Martin (Feb 05)
- Re: Potential overflow in Internet Explorer Felipe Franciosi (Feb 05)
- Message not available
- Re: Potential overflow in Internet Explorer Felipe Franciosi (Feb 06)
- Re: Potential overflow in Internet Explorer Mike Fedyk (Feb 22)
- Message not available