Bugtraq mailing list archives

Re: MSIE buffer overrun

From: Russ.Cooper () RC ON CA (Russ)
Date: Fri, 20 Mar 1998 17:23:22 -0500


BTW, someone reminded me that this looked very similar to the "MK
Overrun" exploit Dildog, from The l0pht, described in their advisory
from 1/14/98.

I set the MKEnabled registry entry to "No", and the exploit still works.
Of course I'm testing on IE 4.01 (4.72.2106.8).

Just an FYI in case you thought it was just a repeat of the same old
bug. It may well be a minor variation, but its not the same bug.

Cheers,
Russ Cooper
R.C. Consulting, Inc. - NT/Internet Security
http://www.ntbugtraq.com

Current thread:

MSIE buffer overrun Georgi Guninski (Mar 20)
- Re: MSIE buffer overrun Christian Holmqvist (Mar 20)
- <Possible follow-ups>
- Re: MSIE buffer overrun Russ (Mar 20)
- Re: MSIE buffer overrun matt sawkill (Mar 20)