Re: greek characters buffer overflow, AGAIN!

From: xfesty (xfesty@computeraddictions.com.au)
Date: 04/16/02 

From: xfesty <xfesty@computeraddictions.com.au>
To: MegaHz <admin@cyhackportal.com>
Date: 17 Apr 2002 03:25:23 +1000

Loads no problems on IE 6.0.

I don't see the problem here - Microsoft have obviously addressed the
issue... IE 5.0 is very old.

- Ryan

On Tue, 2002-04-16 at 19:40, MegaHz wrote:
>
> One year ago I discovered a buffer overflow in the address bar of IE 5.0 using greek characters, look at:
> http://www.cyhackportal.com/modules.php?name=News&file=article&sid=81
>
>
> Today I discover this:
> http://www.bestbuy.com.cy/cgi-bin/buy.storefront/<<<áx1388>>>/Product/View/CMPL_00_GDXbox
>
> (do not use: <<<,>>>)
> and yes, Internet explorer, exited by itself. Very strange. I don't know why, pls try that
> I uploaded here a sample html,
> http://megahz.cyhackportal.com/hey.html
>
> I test it out on 3 pcs I have at my work, but there was only one that seemed to have the bug, and resolve on closing the IE.
>
> maybe is bestbuy's problem, and the software they use,
> the original url was:
> http://www.bestbuy.com.cy/cgi-bin/buy.storefront/3cbbef7d0794c70e27a4c30e950106f2/Product/View/CMPL_00_GDXbox
>
>
> maybe is storefronts problem...
>
>
> pls test it out, and let me know,
>
>
>
> Thank you,
>
>
> /*
> * Andreas Constantinides (MegaHz)
> * http://www.cyhackportal.com
> *
> */
> 

-- 
:: Ryan Verner           xfesty/irc.oublinet.net ::
:: ICQ 76626240       MSN dev.festy@start.com.au ::
:: EverQuest, Tholuxe Paells:    Mummer, Arrjart ::
:: <xfesty@whackpack.com>   <ryan@2xstreams.com> ::

       "Spiral out.  Keep going, going..."

Relevant Pages

  • RE: Windows Defender: Microsoft is parody of itself
    ... workarounds to defective products. ... this process and twice I was cut off and in neither case did Microsoft ... call up and discover that the phone system doesn't work. ...
    (microsoft.public.windowsupdate)
  • Re: Word 2004 compatibility with Word 2003 SP3
    ... I hate to break it to You all But I am subscribed to computerworld, cNET news and ZDnet News as well and they al three reported at about the same time the same thing. ... uncertainty and doubt about products that compete with Microsoft products. ... should have learned in Journalism 101 would so easily discover is wrong :-) ...
    (microsoft.public.mac.office.word)
  • Re: AMC: Poll about who will find out Ryan is alive first
    ... Aisling Willow Grey wrote: ... I'm guess either Lily or Kendall will discover it first.<< ... far away from Pine Valley. ... Ryan needs some little ...
    (rec.arts.tv.soaps.abc)
  • Re: AMC: Poll about who will find out Ryan is alive first
    ... > There are no spoilers here. ... > be the first to discover that Ryan is really alive? ... > I'm guess either Lily or Kendall will discover it first.<< ... far away from Pine Valley. ...
    (rec.arts.tv.soaps.abc)
  • Re: Will Microsoft ever support this forum with some sharepoint people
    ... Microsoft staff in the manner you and everyone else would like, ... support the exisitence and maintenance of the newsgroups. ... > compartment that you can get a kit for that at Wal Mart. ... > later you discover the brake lights don't work. ...
    (microsoft.public.sharepoint.portalserver)