Vulnerability Development mailing list archives
Re: Crash IE with shell://:
From: "CJ Oster" <cjo () dothe12 com>
Date: Tue, 22 May 2001 12:57:33 -0500
Just a little info, the shell://: in IE6 public preview also crashes explorer.exe on win2k, at least on my machine. The wierd thing is that it doesn't crash completely. That is the task bar stays on the screen, as well as all the icons, but you can't do anything with them and I have to go into the task manager and kill explorer.exe and restart it. -CJO- ----- Original Message ----- From: "Kayne Ian (Softlab)" <Ian.Kayne () softlab co uk> To: "Vuln-Dev" <VULN-DEV () securityfocus com> Sent: Tuesday, May 22, 2001 4:52 AM Subject: Crash IE with shell://:
All... Wrote this little thing in a few spare mins. I'm no use with javascript or webbased coding, so I'm sure there's much more you could do with this. Anyway, attached is a .html that crashes all the machines I tested it on - be prepared to loose explorer.exe if you run it. I guess
this
is a working exploit/bug (and a really annoying one if it starts appearing on the web), so if someone wants to forward this to the appropriate people (bugtraq? microsoft?) then go for it... Also, if we could narrow down exactly what it takes to fix it in the current versions, that would be
good
too. enjoy... Ian Kayne Technical Specialist - IT Solutions Softlab Ltd - A BMW Company <<iecrashtest.htm>> ******************************************************************** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you are not the intended recipient or the person responsible for delivering to the intended recipient, be advised that you have received this email in error and that any use of the information contained within this email or attachments is strictly prohibited. Internet communications are not secure and Softlab does not accept any legal responsibility for the content of this message. Any opinions expressed in the email are those of the individual and not necessarily those of the Company. If you have received this email in error, or if you are concerned with the content of this email please notify the IT helpdesk by telephone on +44 (0)121 788 5480. ********************************************************************
Current thread:
- Crash IE with shell://: Kayne Ian (Softlab) (May 22)
- Re: Crash IE with shell://: CJ Oster (May 22)
- Re: Crash IE with shell://: cory (May 22)
- <Possible follow-ups>
- Re: Crash IE with shell://: Peter (May 23)
- Re[2]: Crash IE with shell://: Kevin J. Menard, Jr. (May 23)
- Re: Crash IE with shell://: Dino Amato (May 23)
- RE: Re[2]: Crash IE with shell://: Chris Tobkin (May 23)
- New/Hidden/Unimplemented IE Protocols (Re: Crash IE with shell://:) Usman Akeju (May 24)
- Re: Re[2]: Crash IE with shell://: Bob Fiero (May 23)
- RE: Re[2]: Crash IE with shell://: Kayne Ian (Softlab) (May 24)
- Re:Re[4]: Crash IE with shell://: Peter (May 24)
- Re: Crash IE with shell://: exceed mekka-symposium (May 24)