Re: greek characters buffer overflow, AGAIN!

From: xfesty (xfesty@computeraddictions.com.au)
Date: 04/16/02


From: xfesty <xfesty@computeraddictions.com.au>
To: MegaHz <admin@cyhackportal.com>
Date: 17 Apr 2002 03:25:23 +1000

Loads no problems on IE 6.0.

I don't see the problem here - Microsoft have obviously addressed the
issue... IE 5.0 is very old.

- Ryan

On Tue, 2002-04-16 at 19:40, MegaHz wrote:
>
> One year ago I discovered a buffer overflow in the address bar of IE 5.0 using greek characters, look at:
> http://www.cyhackportal.com/modules.php?name=News&file=article&sid=81
>
>
> Today I discover this:
> http://www.bestbuy.com.cy/cgi-bin/buy.storefront/<<<áx1388>>>/Product/View/CMPL_00_GDXbox
>
> (do not use: <<<,>>>)
> and yes, Internet explorer, exited by itself. Very strange. I don't know why, pls try that
> I uploaded here a sample html,
> http://megahz.cyhackportal.com/hey.html
>
> I test it out on 3 pcs I have at my work, but there was only one that seemed to have the bug, and resolve on closing the IE.
>
> maybe is bestbuy's problem, and the software they use,
> the original url was:
> http://www.bestbuy.com.cy/cgi-bin/buy.storefront/3cbbef7d0794c70e27a4c30e950106f2/Product/View/CMPL_00_GDXbox
>
>
> maybe is storefronts problem...
>
>
> pls test it out, and let me know,
>
>
>
> Thank you,
>
>
> /*
> * Andreas Constantinides (MegaHz)
> * http://www.cyhackportal.com
> *
> */
>

-- 
:: Ryan Verner           xfesty/irc.oublinet.net ::
:: ICQ 76626240       MSN dev.festy@start.com.au ::
:: EverQuest, Tholuxe Paells:    Mummer, Arrjart ::
:: <xfesty@whackpack.com>   <ryan@2xstreams.com> ::

"Spiral out. Keep going, going..."