Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Re: Internet Explorer >=5.0 : Buffer overflow

From: Philippe Biondi <biondi () cartel-securite fr>
Date: Wed, 25 Jun 2003 17:59:12 +0200 (CEST)
On Wed, 25 Jun 2003, SecurITeam BugTraq Monitoring wrote:


Hi,

I can confirm it under Windows 2000 with IE 5.50.4807.2300

Full control over the EIP, but the shellcode cannot contain (as it currently
appears) non Alpha Numeric characters, too bad I guess.


http://www.0x36.org/PAPERS/SHELLCODE/p57-0x0f.txt
There is no reason for this to work in the windows world.

-- 
Philippe Biondi <biondi@ cartel-securite.fr> Cartel Sécurité
Security Consultant/R&D                      http://www.cartel-securite.fr
Phone: +33 1 44 06 97 94                     Fax: +33 1 44 06 97 99
PGP KeyID:3D9A43E2  FingerPrint:C40A772533730E39330DC0985EE8FF5F3D9A43E2


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: