Vulnerability Development mailing list archives
Does IE object type overflow work only on an Administrator account?
From: "kathy tuckey" <kdtuckey () hotmail com>
Date: Thu, 24 Jul 2003 18:03:07 +0000
Does IE object type overflow work only on an Administrator account?I'm puzzled by the following behaviour on a default install of WindowsXP Pro (IE 6.0):
Using html page containing: <object type = "[/x64]AAAAAAAAAAAAAAAAAA">whatever</object>
As a user with Administrator priveleges with default security settings, IE crashes (buffer is overflowed). As a user with Administrator priveleges with IE security settings set to "high", IE still crashes.
As a user with limited priveleges, the page loads fine and "whatever" appears on the screen. IE doesn't crash. The urlmon function causing the buffer overflow is never called by IE. (the breakpoint doesn't break) In this case, changing IE's security settings to "low" doesn't make a difference.
Does IE treat a user with limited priveleges differently than with Administrator priveleges? Am I simply missing a setting somewhere?
Any words of wisdom? Thanks, Kathy _________________________________________________________________Protect your PC - get McAfee.com VirusScan Online http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963
Current thread:
- Does IE object type overflow work only on an Administrator account? kathy tuckey (Jul 24)