Vulnerability Development mailing list archives

Re: Word 2000 DDE error on Win2K


From: "Saroj Sahu" <4securityfocus () clickheretofind zzn com>
Date: Tue, 29 May 2001 15:54:53 +0530

Hi Oliver,

I also tested the same and am getting the same error with a little
variation. The memroy could not be read error is occuring , but the error
dialog title shows error in winword.exe in place of dde error.

Saroj.

----- Original Message -----
From: "Oliver Reeves" <Oliver.Reeves () compucat com au>
To: <VULN-DEV () securityfocus com>
Sent: Tuesday, May 29, 2001 5:25 AM
Subject: Word 2000 DDE error on Win2K


Morning All,

I was playing around with word this morning, and found something quite
interesting. I thought I'd post it to see what you all thought.

I'm not sure if this is a known bug in Word 2000, and I can't find out
right
now as I don't have web access from my PC at work.

I can consistently crash Word 2000 using the following method:

1) Open up any text/document editor such as notepad or wordpad
2) type a single word (must be a known word, no punctuation).
3) highlight the whole word and CTRL+C
4) launch word 2000
5) CTRL+V
6) press HOME to take you to the start of the line
7) type I
8) hit the space bar

this consistenly crashes word 2000 for me, and i get the following error
message:

DDE Server Window: WINWORD.EXE - Application Error
The instruction at "0x3076a63e" referenced memory at "0x00000000". The
memory could not be "read".

I am running:
Win2K 5.00.2195
Word 2000 9.0.3821 SR-1

I doubt that this would be exploitable, but I thought I'd find out if any
of
you could reproduce it.

Thanks
Oliver.


Current thread: