Vulnerability Development mailing list archives
Re: Outlook HTML crash
From: "Thor Larholm" <thor () pivx com>
Date: Mon, 17 Mar 2003 11:23:51 +0100
This is definitely older than the latest IE patch, I've been experiencing it personally for more than a year. In my cases, I can reproduce the issue more easily when posting plaintext newsgroup message replies. Both HTML and plaintext messages are edited throught MSHTML, which is further exposed in IE (among others) as an ActiveX control (the DHTML Editing Component) and directly embedded through the designMode/contentEditable properties. Any editing that we manually perform in Outlook or Outlook Express which causes them to crash or overflow (like pressing enter in the replied-to text) can be programmatically reproduced. Regards Thor Larholm ----- Original Message ----- From: "http-equiv () excite com" <http-equiv () malware com> To: <vuln-dev () securityfocus com> Sent: Sunday, March 16, 2003 8:42 PM Subject: RE: Outlook HTML crash
That's very interesting. We were just discussing this last week, it has been going on for months and seems to have come about after the very latest Internet Explorer cumulative patch. Also, as Kurt points out, hitting the enter key slowly or gently avoids the problem. Also happens when you 'reply to sender is same format [html]' and manually select plain text. Damn annoying "BUG!" in this particular vendor's ever long quest to irritate people ! MSIMN caused an invalid page fault in module MSHTML.DLL at 015f:636bd8b8. Registers: EAX=004711a4 CS=015f EIP=636bd8b8 EFLGS=00010202 EBX=02d6f2ec SS=0167 ESP=0056f3bc EBP=0056f3dc ECX=00000118 DS=0167 ESI=00000008 FS=124f EDX=0040003c ES=0167 EDI=004711a4 GS=0000 Bytes at CS:EIP: f3 a5 8b 4d 08 8b 49 0c 89 41 08 e9 76 13 fc ff Stack dump: 00000000 02d6fa90 0000001e 0355ab0c 00000000 00000000 00000000 00000000 0056f474 6370f575 02d6f320 02d6fa90 0355ab0c 00000000 00001e00 00000000 -- http://www.malware.com they don't call it crapware for nothing.
Current thread:
- FW: Outlook HTML crash Nate Nord (Mar 13)
- Re: Outlook HTML crash Kurt Seifried (Mar 13)
- Re: Outlook HTML crash Nexus (Mar 14)
- RE: Outlook HTML crash Larry Seltzer (Mar 14)
- <Possible follow-ups>
- RE: Outlook HTML crash http-equiv () excite com (Mar 16)
- Re: Outlook HTML crash Thor Larholm (Mar 17)
- Re: Outlook HTML crash Kurt Seifried (Mar 13)