Vulnerability Development mailing list archives

Previous By Date Next
Previous By Thread Next

Does IE object type overflow work only on an Administrator account?

From: "kathy tuckey" <kdtuckey () hotmail com>
Date: Thu, 24 Jul 2003 18:03:07 +0000
Does IE object type overflow work only on an Administrator account?
I'm puzzled by the following behaviour on a default install of WindowsXP Pro (IE 6.0):
Using html page containing: <object type = "[/x64]AAAAAAAAAAAAAAAAAA">whatever</object>
As a user with Administrator priveleges with default security settings, IE crashes (buffer is overflowed). As a user with Administrator priveleges with IE security settings set to "high", IE still crashes.
As a user with limited priveleges, the page loads fine and "whatever" appears on the screen. IE doesn't crash. The urlmon function causing the buffer overflow is never called by IE. (the breakpoint doesn't break) In this case, changing IE's security settings to "low" doesn't make a difference.
Does IE treat a user with limited priveleges differently than with Administrator priveleges? Am I simply missing a setting somewhere? 

Any words of wisdom?

Thanks,
Kathy

_________________________________________________________________
Protect your PC - get McAfee.com VirusScan Online http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963
Previous By Date Next
Previous By Thread Next

Current thread: