Re: IE Crash - Anyone Seen This Before?

From: Berend-Jan Wever (SkyLined_at_edup.tudelft.nl)
Date: 05/16/04

  • Next message: Ugen: "Stealing NT passwords through WiFi?"
    To: <vuln-dev@securityfocus.com>
    Date: Sun, 16 May 2004 02:27:34 +0200
    
    

    NULL pointer assignment in mshtml, not exploitable.
    636D54AF 8B48 2C MOV ECX, [EAX+2C]
    EAX = 0, Bad read of address 0x0000002C.

    Cheers,
    SkyLined
    ----- Original Message -----
    From: "Mike Mauler" <cryptic_mauler@linuxmail.org>
    To: <full-disclosure@lists.netsys.com>
    Sent: Friday, May 14, 2004 15:55
    Subject: [Full-Disclosure] IE Crash - Anyone Seen This Before?

    >
    > <script type="text/javascript">
    > Wnd = window.createPopup();
    > Wnd.document.body.innerHTML='<meta http-equiv="imagetoolbar"
    content="no">';
    > </script>
    >
    >
    >
    > It crashs the latest IE with all patches. Dont see why it only seems to
    work for me with only that META tag. Has anyone seen this before with other
    tags or the same bit of code?
    >
    >
    > Regards,
    > Nick
    > --
    > ______________________________________________
    > Check out the latest SMS services @ http://www.linuxmail.org
    > This allows you to send and receive SMS through your mailbox.
    >
    >
    > Powered by Outblaze
    >
    > _______________________________________________
    > Full-Disclosure - We believe in it.
    > Charter: http://lists.netsys.com/full-disclosure-charter.html


  • Next message: Ugen: "Stealing NT passwords through WiFi?"

    Relevant Pages