Re: IE Crash - Anyone Seen This Before?
From: Berend-Jan Wever (SkyLined_at_edup.tudelft.nl)
Date: 05/16/04
- Previous message: Adam [Onet]: "Re: IE Crash - Anyone Seen This Before?"
- In reply to: Nick Benson: "Re: IE Crash - Anyone Seen This Before?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: <vuln-dev@securityfocus.com> Date: Sun, 16 May 2004 02:27:34 +0200
NULL pointer assignment in mshtml, not exploitable.
636D54AF 8B48 2C MOV ECX, [EAX+2C]
EAX = 0, Bad read of address 0x0000002C.
Cheers,
SkyLined
----- Original Message -----
From: "Mike Mauler" <cryptic_mauler@linuxmail.org>
To: <full-disclosure@lists.netsys.com>
Sent: Friday, May 14, 2004 15:55
Subject: [Full-Disclosure] IE Crash - Anyone Seen This Before?
>
> <script type="text/javascript">
> Wnd = window.createPopup();
> Wnd.document.body.innerHTML='<meta http-equiv="imagetoolbar"
content="no">';
> </script>
>
>
>
> It crashs the latest IE with all patches. Dont see why it only seems to
work for me with only that META tag. Has anyone seen this before with other
tags or the same bit of code?
>
>
> Regards,
> Nick
> --
> ______________________________________________
> Check out the latest SMS services @ http://www.linuxmail.org
> This allows you to send and receive SMS through your mailbox.
>
>
> Powered by Outblaze
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
- Previous message: Adam [Onet]: "Re: IE Crash - Anyone Seen This Before?"
- In reply to: Nick Benson: "Re: IE Crash - Anyone Seen This Before?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
