Vulnerability Development mailing list archives

MS Outlook javascript parsing bug

From: mikael.olsson () ENTERNET SE (Mikael Olsson)
Date: Tue, 9 Nov 1999 18:47:20 +0100


It seems that MS Outlook 8.5.5104.6 screws up when displaying the
following string in a mail message:

<javascript:location.reload()>

Note that you do NOT need to click it, just displaying the mail
message will crash Outlook.

The results are completely unpredictable, everything from hanging,
crashing or complaining about not being able to display a
particular font or complaining about being out of memory?!?!?!

Anyone care to do anything fun with it other than spam mailing
people to create a big 'ole DoS? :-)

Just my $.02
/Mike

--
Mikael Olsson, EnterNet Sweden AB, Box 393, S-891 28 ÖRNSKÖLDSVIK
Phone: +46-(0)660-105 50           Fax: +46-(0)660-122 50
Mobile: +46-(0)70-248 00 33
WWW: http://www.enternet.se        E-mail: mikael.olsson () enternet se

Current thread:

MS Outlook javascript parsing bug Mikael Olsson (Nov 09)
- Open Port on Win98 box tschweikle () FIDUCIA DE (Nov 10)
  - Re: Open Port on Win98 box Marc Esipovich (Nov 09)
    - Re: Open Port on Win98 box Marc Esipovich (Nov 09)
    - Re: Open Port on Win98 box Mike Bush (Nov 13)
  - Re: Open Port on Win98 box Blue Boar (Nov 10)
    - Re: Open Port on Win98 box Dragos Ruiu (Nov 10)
    - minor (?) mc bug m4rcyS (Nov 10)
    - Re: minor (?) mc bug Blue Boar (Nov 13)
    - potential chage ovf m4rcyS (Nov 17)
- Re: MS Outlook javascript parsing bug Mikael Olsson (Nov 10)

(Thread continues...)