Vulnerability Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Potential overflow in Internet Explorer

From: Rio Martin <root () VBME NET>
Date: Mon, 5 Feb 2001 07:51:03 +0700
Sorry,
But I think this one is already known and quite old ...

Rio Martin.
www.rio-martin.com



----- Original Message -----
From: <joetesta () HUSHMAIL COM>
To: <VULN-DEV () SECURITYFOCUS COM>
Sent: Tuesday, January 30, 2001 11:12 AM
Subject: Potential overflow in Internet Explorer


| Hi all --
|
|
|     While doing some testing on a web server, I discovered that Internet
| Explorer crashes when the following URL is typed in the address bar:
|
|
|         http://www.server.com/[a lot of 'A's]
|
|
| Here is the resulting dump:
|
|
| IEXPLORE caused an invalid page fault in
| module <unknown> at 0000:41414141.
| Registers:
| EAX=00000000 CS=017f EIP=41414141 EFLGS=00010246
| EBX=00000000 SS=0187 ESP=0058568c EBP=41414141
| ECX=0000002e DS=0187 ESI=01eef058 FS=581f
| EDX=004bcd28 ES=0187 EDI=0042b6ac GS=0000
| Bytes at CS:EIP:
|
| Stack dump:
| 41414141 41414141 41414141 41414141
| 41414141 41414141 41414141 41414141
| 41414141 41414141 41414141 41414141
| 41414141 41414141 41414141 41414141
|
|
|     I am using version 5.50.4522.1800 on Win98 SE with all critical
updates
| installed.  I attempted to reproduce this crash on three other machines
| without success.  Their version numbers where:
|
|         5.00.2614.3500,
|         5.50.4134.0100,
|         5.50.4134.0600
|
|     It seems as though this may be some sort of regression error,
| bad mix of software, or both.  Can anyone else reproduce this?
|
|
|         - Joe Testa  ( joetesta () hushmail com )
Previous By Date Next
Previous By Thread Next

Current thread: