Vulnerability Development mailing list archives
RE: old netscape vuln - affecting XP/explorer?
From: "Ian Webb" <webbi () sapc edu>
Date: Sat, 7 Sep 2002 08:21:16 -0400
I can't reproduce on XP Pro, all current hotfixes. I *do* have MS02-050 patched, so maybe that's the difference. I don't see how it possibly could be, though. (I don't have the MS02-049 patch installed, as I don't have Visual Foxpro on this system.) The only other difference I can think of is that I have the WMP 9 beta installed.

Anyone else been able to reproduce this?

-----Original Message-----
From: cassidy macfarlane [mailto:cmac23 () barrysworld com]
Sent: Friday, September 06, 2002 7:57 AM
To: vuln-dev () securityfocus com
Subject: old netscape vuln - affecting XP/explorer?

Hi

I posted this to bugtraq, but was advised to post here..

I d/loaded the old 'crash-netscape.jpg' from secfocus (id 1503,
http://online.securityfocus.com/data/vulnerabilities/exploits/crash-netscape.jpg )
Sorry if it wraps
intending to have a play with Mozilla ;).

I stuck it into my cygwin dir on my local HD. When I browse to this folder using explorer (***Tiles view***), I get an explorer restart. (all open explorer windows close, but apps persist)

/snip
Faulting application explorer.exe, version 6.0.2600.0, faulting module ntdll.dll, version 5.1.2600.0, fault address 0x00003812.

0000: 41 70 70 6c 69 63 61 74  Applicat
0008: 69 6f 6e 20 46 61 69 6c  ion Fail
0010: 75 72 65 20 20 65 78 70  ure  exp
0018: 6c 6f 72 65 72 2e 65 78  lorer.ex
0020: 65 20 36 2e 30 2e 32 36  e 6.0.26
0028: 30 30 2e 30 20 69 6e 20  00.0 in
0030: 6e 74 64 6c 6c 2e 64 6c  ntdll.dl
0038: 6c 20 35 2e 31 2e 32 36  l 5.1.26
0040: 30 30 2e 30 20 61 74 20  00.0 at
0048: 6f 66 66 73 65 74 20 30  offset 0
0050: 30 30 30 33 38 31 32 0d  0003812.
0058: 0a                       .
/end snip

I'm running XP Pro, all hotfixes (apart from today's....MS02-049 and MS02-050...yawn)

Does anyone else get the same? Is this exploitable? - I get the same address (0x0003812) every time...is this adjustable with the header/etc in the dodgy .jpg?

TIA, and apologies if this is known or a misconfiguration.

Cassidy Macfarlane
Group IT
www.tenongroup.com
PGP fingerprint: 31A2 1A52 6CB9 E91C 27D8 9C5C FC40 4FD7 5E96 E1A4