Vulnerability Development mailing list archives

ESI Manipulation?


From: Disco Jonny <discojonny () gmail com>
Date: Fri, 9 Dec 2005 13:51:52 +0000

Hi,

I have been looking at stack stuff for a month or two now, so please
forgive my ignorance.

Anyways, I was idly writing some JavaScript last night, when a badly
formed statement crashed my IE (Firefox recognises the bad script and
won't attempt to run it).

I fired up OllyDbg to take a look at it, and it would appear that I am
somehow overwriting the ESI or EAX with 00000000.

Now is there anything that I can do with this?  I have tried to get it
to overwrite with different values but I can't.  This is probably
nothing, but hey I thought I would ask.  I don't know if this is of
any use to anyone, but here is some info from OllyDbg.

636B43AE   8B32             MOV ESI,DWORD PTR DS:[EDX]
636B43B0   8942 14          MOV DWORD PTR DS:[EDX+14],EAX
636B43B3   FF36             PUSH DWORD PTR DS:[ESI] <--  throws exception here
636B43B5   8D4A 04          LEA ECX,DWORD PTR DS:[EDX+4]
636B43B8   50               PUSH EAX

EAX 00000000
ECX 0637EE60
EDX 0637EE60
EBX FFFFFFFF
ESP 0637EE44
EBP 0637EE7C
ESI 00000000
EDI 0637EEF4
EIP 636B43B3 mshtml.636B43B3

0637EE44   00000000
0637EE48   637514E4  RETURN to mshtml.637514E4 from mshtml.636B4396

I have been doing a bit of googling, and I came across an article that
seemed to suggest that setting the ESI to 000000000 is a security
thing implemented by Microsoft? This article was more confusing than
helpful - although I think that is because the author was assuming a
level of skill that I don't currently possess.

Any advice anyone?

I am running a fully patched W2K box.

Thanks,

S.
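The crash in the post is worth triaging before asking whether it is "of any use": the faulting instruction reads through ESI, and ESI was loaded from [EDX] and is zero, so the access lands on the null page. The following is an added example (not code from the post or from any tool the poster used) that parses an OllyDbg-style register dump and instruction line, computes the effective address of the memory operand, and classifies the fault. The register dump and instruction lines embedded below are copied from the post; the regular expressions for OllyDbg's output format, the null-page threshold of 0x10000 and the `triage` verdict labels are assumptions of this example.

```python
import re
from typing import Dict, Optional

# Register dump as it appears in the post (OllyDbg format).
REGISTER_DUMP = """\
EAX 00000000
ECX 0637EE60
EDX 0637EE60
EBX FFFFFFFF
ESP 0637EE44
EBP 0637EE7C
ESI 00000000
EDI 0637EEF4
EIP 636B43B3 mshtml.636B43B3
"""

# The instruction OllyDbg stopped on (from the post).
FAULTING_INSN = "636B43B3   FF36             PUSH DWORD PTR DS:[ESI]"

# Assumed layout: "<reg> <8 hex digits>" per line; trailing symbol text is ignored.
REG_LINE = re.compile(r"^(E[A-Z]{2})\s+([0-9A-Fa-f]{8})")
# Memory operand such as "DWORD PTR DS:[EDX+14]".
MEM_OPERAND = re.compile(r"PTR\s+[A-Z]{2}:\[([^\]]+)\]")
# One term inside the brackets: optional sign, register or hex number, optional scale.
TERM = re.compile(r"([+-]?)\s*([0-9A-Za-z]+)(?:\*([1248]))?")

# Below this address nothing is mapped in a normal Win32 process (assumption used
# for classification; the exact boundary depends on the process).
NULL_PAGE_LIMIT = 0x10000


def parse_registers(dump: str) -> Dict[str, int]:
    """Return {register name: value} from an OllyDbg register dump."""
    regs = {}
    for line in dump.splitlines():
        m = REG_LINE.match(line.strip())
        if m:
            regs[m.group(1)] = int(m.group(2), 16)
    return regs


def effective_address(asm: str, regs: Dict[str, int]) -> Optional[int]:
    """Compute the 32-bit address of the instruction's memory operand, or None."""
    m = MEM_OPERAND.search(asm)
    if not m:
        return None
    addr = 0
    for sign, token, scale in TERM.findall(m.group(1)):
        # Tokens that name a register use its value; anything else is a hex displacement.
        value = regs[token] if token in regs else int(token, 16)
        if scale:
            value *= int(scale)
        addr += -value if sign == "-" else value
    return addr & 0xFFFFFFFF


def triage(insn_line: str, regs: Dict[str, int]) -> dict:
    """Classify a faulting OllyDbg instruction line by where its memory access lands."""
    # OllyDbg columns are separated by runs of spaces; the last column is the assembly.
    asm = re.split(r"\s{2,}", insn_line.strip())[-1]
    mnemonic, _, operands = asm.partition(" ")
    addr = effective_address(asm, regs)
    if addr is None:
        return {"kind": "no memory operand", "address": None, "attacker_controlled": None}
    # A bracketed first operand of a data-moving instruction is a write; PUSH reads.
    dest = operands.split(",")[0]
    access = "write" if "[" in dest and mnemonic not in ("PUSH", "CMP", "TEST") else "read"
    if addr < NULL_PAGE_LIMIT:
        # A fixed, unmapped low address: the process dies, but nothing is chosen by the input.
        return {"kind": f"null-page {access}", "address": addr, "attacker_controlled": False}
    # Anything else needs a closer look at where the pointer came from.
    return {"kind": f"{access} at mapped-range address", "address": addr, "attacker_controlled": None}


if __name__ == "__main__":
    regs = parse_registers(REGISTER_DUMP)
    for line in (
        "636B43AE   8B32             MOV ESI,DWORD PTR DS:[EDX]",
        "636B43B0   8942 14          MOV DWORD PTR DS:[EDX+14],EAX",
        FAULTING_INSN,
    ):
        print(f"{line.split()[0]}: {triage(line, regs)}")
```

Running it on the post's dump reports the `PUSH DWORD PTR DS:[ESI]` as a null-page read at address 0: the pointer came from `[EDX]`, which holds zero, so the crash is a null pointer dereference and the register value is not something the script input selected. The write at `[EDX+14]` one instruction earlier resolves to 0637EE74, inside the stack region the dump shows, which is why it did not fault.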

