Vulnerability Development mailing list archives
Re: (MSIE dr. watson error)
From: Vitaly McLain <twistah () DATASURGE NET>
Date: Fri, 10 Nov 2000 18:14:12 -0600
This doesn't work any way I try it. I have Internet Explorer 5.5, which is really MSIE 5.50.4134.0600, running on Windows NT 4.0 SP5. I have tried feeding it "$", as well as other charachters, but to no avail. So my theories are this: either you have a version of IE that was mysteriously broken and fixed silently (doubt it) or that the overflow does not actually occur when the user inputs a long string into Address:. My theory is that perhaps the webserver you tested it against returned some HTTP-related field to your browser and that's where the overflow occured. I tested by connecting to a Linux server running Apache/1.3.6 which seems to cut part of the string off (or maybe not, but I am betting that it cuts something out the other httpd didn't). Anyway, that's just my theory, so enough rambling. Vitaly McLain twistah () datasurge net twistah @ OPN & EfNet "If you don't turn on to politics, politics will turn on you." - Ralph Nader
Current thread:
- Re: (MSIE dr. watson error) John Herron (Nov 11)
- Re: (MSIE dr. watson error) Vitaly McLain (Nov 11)