Vulnerability Development mailing list archives
old netscape vuln - affecting XP/explorer?
From: "cassidy macfarlane" <cmac23 () barrysworld com>
Date: Fri, 6 Sep 2002 12:56:40 +0100
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi I posted this to bugtraq, but was advised to post here.. I d/loaded the old 'crash-netscape.jpg' from secfocus (id 1503, http://online.securityfocus.com/data/vulnerabilities/exploits/crash-netscape.jpg ) Sorry if it wraps intending to have a play with Mozilla ;). I stuck it into my cygwin dir on my local HD. When I browse to this folder using explorer (***Tiles view***), I get an explorer restart. (all open explorer windows close, but apps persist) /snip Faulting application explorer.exe, version 6.0.2600.0, faulting module ntdll.dll, version 5.1.2600.0, fault address 0x00003812. 0000: 41 70 70 6c 69 63 61 74 Applicat 0008: 69 6f 6e 20 46 61 69 6c ion Fail 0010: 75 72 65 20 20 65 78 70 ure exp 0018: 6c 6f 72 65 72 2e 65 78 lorer.ex 0020: 65 20 36 2e 30 2e 32 36 e 6.0.26 0028: 30 30 2e 30 20 69 6e 20 00.0 in 0030: 6e 74 64 6c 6c 2e 64 6c ntdll.dl 0038: 6c 20 35 2e 31 2e 32 36 l 5.1.26 0040: 30 30 2e 30 20 61 74 20 00.0 at 0048: 6f 66 66 73 65 74 20 30 offset 0 0050: 30 30 30 33 38 31 32 0d 0003812. 0058: 0a . /end snip I'm running XP Pro, all hotfixes (apart from todays....MS02-049 and MS02-050...yawn) Does anyone else get the same? Is this exploitable? - I get the same address (0x0003812) every time...is this adjustable with the header/etc in the dodgy .jpg? TIA, and apologies if this is known or a misconfiguration. Cassidy Macfarlane Group IT www.tenongroup.com PGP fingerprint: 31A2 1A52 6CB9 E91C 27D8 9C5C FC40 4FD7 5E96 E1A4 -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com> iQA/AwUBPXiXUvxAT9deluGkEQIuewCgzZPslfiGX/EbwH3SEPXw2k5MHxsAoIMv WyrI7Lv3qUtHxGtfbboxOkJB =sXVg -----END PGP SIGNATURE-----
Current thread:
- old netscape vuln - affecting XP/explorer? cassidy macfarlane (Sep 06)
- RE: old netscape vuln - affecting XP/explorer? Ian Webb (Sep 07)
- Re: old netscape vuln - affecting XP/explorer? Tobias Sager (Sep 07)
- Re: old netscape vuln - affecting XP/explorer? Masor (Sep 08)
- Re: old netscape vuln - affecting XP/explorer? Tobias Sager (Sep 07)
- <Possible follow-ups>
- Re: old netscape vuln - affecting XP/explorer? Peter Andersson (Sep 08)
- RE: old netscape vuln - affecting XP/explorer? Ian Webb (Sep 07)