Vulnerability Development mailing list archives
Re: [bug]: Cause IE 5.X to crash
From: "Uidam, T (Tim)" <Tim.Uidam () SYD RABOBANK COM>
Date: Mon, 7 May 2001 12:09:45 +0800
Sorry, Typo! Yes, confirm vulnerability does NOT exist when entering ftp://whatever//.#./ on the below mentioned system. -----Original Message----- From: Damian Menscher [mailto:menscher () uiuc edu] Sent: Monday, 7 May 2001 13:08 To: Uidam, T (Tim) Cc: VULN-DEV () SECURITYFOCUS COM Subject: Re: [VULN-DEV] [bug]: Cause IE 5.X to crash On Mon, 7 May 2001, Uidam, T (Tim) wrote:
NOT Vulnerable on IE 5.5 SP1 (no hotfixes) on WinNT 4 SP5. Nope, not even the tiniest glitch. If a valid FTP address is put in place
of
"whatever" it simply displays the FTP root in the browser window. Running ftp://whatever/.#./ from Start/Run launches IE, and displays
"cannot
Find Server" with ftp://whatever// in the address bar. -----Original Message----- From: Elie Aka Lupin Bursztein [mailto:secu () BURSZTEIN NET] Sent: Saturday, 5 May 2001 8:35 To: VULN-DEV () SECURITYFOCUS COM Subject: [bug]: Cause IE 5.X to crash the following url Crash IE : "ftp://whatever//.#./"
Uhh, note that you're trying ftp://whatever/.#./ and the OP said to try ftp://whatever//.#./ ^^ Could you confirm that you tried it with TWO slashes? One slash doesn't crash IE 5.5 SP1 on NT4SP6 but two slashes does. Damian Menscher -- --==## Grad. student & Sys. Admin. @ U. Illinois at Urbana-Champaign ##==-- --==## <menscher () uiuc edu> www.uiuc.edu/~menscher/ Ofc:(217)333-0038 ##==-- --==## Physics Dept, 1110 W Green, Urbana IL 61801 Fax:(217)333-9819 ##==-- ================================================================== De informatie opgenomen in dit bericht kan vertrouwelijk zijn en is uitsluitend bestemd voor de geadresseerde. Indien u dit bericht onterecht ontvangt wordt u verzocht de inhoud niet te gebruiken en de afzender direct te informeren door het bericht te retourneren. ================================================================== The information contained in this message may be confidential and is intended to be exclusively for the addressee. Should you receive this message unintentionally, please do not use the contents herein and notify the sender immediately by return e-mail. ==================================================================
Current thread:
- Re: [bug]: Cause IE 5.X to crash Arthur Barton (May 07)
- <Possible follow-ups>
- Re: [bug]: Cause IE 5.X to crash Scott Fagg (May 07)
- Re: [bug]: Cause IE 5.X to crash Nick Jacobsen (May 07)
- Re: [bug]: Cause IE 5.X to crash Uidam, T (Tim) (May 09)
- FW: [bug]: Cause IE 5.X to crash Uidam, T (Tim) (May 10)
- Re: [bug]: Cause IE 5.X to crash Usman Akeju (May 11)
- Re: [bug]: Cause IE 5.X to crash Damian Menscher (May 11)
- Re: [bug]: Cause IE 5.X to crash Uidam, T (Tim) (May 11)