Bugtraq mailing list archives
Re: Netscape 4 DoS/Possibly exploitable buffer overflow.
From: sublett () SWIPNET SE (SubLett)
Date: Thu, 19 Feb 1998 21:39:08 +0100
Subject: Re: Netscape 4 DoS/Possibly exploitable buffer overflow. Netscape 4.04 on NT 4.0 with SP3 has a buffer overflow in bookmarks, too. Tests with strings up to 3976 bytes did not cause any problems; strings of 3977 bytes length and above crashed netscape while it was loading the bookmark file. The "Dr. Watson" log file did not reveal any obvious indications.
I tried this on my computer running Win95 3.0.950B with Netscape 4.04 Swedish version. Strings that goes over 1079 chars tend to crash netscape... Norton Crashguard reported the following: NETSCAPE.EXE caused fault #c0000005 in NETSCAPE.EXE at address 014f:00532b9b MSG("Netscape", WM_CREATE, 00000000, 0088E6F4) -- SubLett
Current thread:
- Re: Netscape 4 DoS/Possibly exploitable buffer overflow. (fwd) Roland Grefer (Feb 19)
- atx motherboard powerbug (fwd) Andrea Arcangeli (Feb 19)
- Re: Netscape 4 DoS/Possibly exploitable buffer overflow. SubLett (Feb 19)