Bugtraq mailing list archives

Re: new IE5 remote exploit

From: s.hird () STUDENT QUT EDU AU (Shane Hird)
Date: Tue, 7 Dec 1999 13:28:04 -0000

IE5 remote exploit # 2 - Jeremy Kothe (<A >HREF="mailto:paceflow () hotmail com">paceflow () hotmail com</A>)

Overrun: vnd.ms.radio:\\
------------------------


I have been trying to get that overrun to work for some time, however it doesn't seem possible on IE version:

5.00.2014.0216
Windows 98

with all the latest patches installed, so it has probably been fixed in a previous patch, most likely one of the 
earlier ones, as it wasn't exploitable some months ago either.

-Shane.

Current thread:

Re: FTP denial of service attack, (continued)
- - Re: FTP denial of service attack bert hubert (Dec 07)
    - Re: FTP denial of service attack antirez () INVECE ORG (Dec 09)
  - Re: FTP denial of service attack Henrik Nordstrom (Dec 07)
    - Re: FTP denial of service attack Darren Reed (Dec 07)
    - Re: FTP denial of service attack Henrik Nordstrom (Dec 07)
    - Re: FTP denial of service attack Darren Reed (Dec 07)
  - Re: FTP denial of service attack Theo de Raadt (Dec 07)
    - Re: FTP denial of service attack Darren Reed (Dec 07)
  - Re: FTP denial of service attack Gregory A Lundberg (Dec 10)
  - RSAREF2 buffer overflow patch Gerardo Richarte (Dec 10)
- Re: new IE5 remote exploit Shane Hird (Dec 07)
- NT WinLogon VM contains plaintext password visible in admin mode Robert Horvick (Dec 07)
  - Re: NT WinLogon VM contains plaintext password visible in admin mode Chris Paget (Dec 08)
- [Debian] New version of sendmail released Aleph One (Dec 07)
- The money: protocol in Internet Explorer Richard M. Smith (Dec 20)
  - Re: The money: protocol in Internet Explorer David Litchfield (Dec 21)
- Remote D.o.S Attack in DNS PRO v5.7 WinNT From FBLI Software Vulnerability Ussr Labs (Dec 20)