[10420] in bugtraq
MSIE 5 favicon bug
daemon@ATHENA.MIT.EDU (Flavio Veloso)
Mon May 3 19:30:15 1999
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-Id: <Pine.BSI.4.02A.9905031553490.20787-100000@trex.centroin.com.br>
Date: Mon, 3 May 1999 16:06:10 -0300
Reply-To: Flavio Veloso <flaviovs@CENTROIN.COM.BR>
From: Flavio Veloso <flaviovs@CENTROIN.COM.BR>
To: BUGTRAQ@NETSPACE.ORG

Hi folks.

When MSIE 5 users bookmark a page, the browser will request a file
named "favicon.ico" which is to be used in the "Favorites" menu of the
browser. Unfortunately MSIE 5 doesn't check the file integrity and
crashes if faced with a badly formed icon file.

Upon crashing the stack gets filled with information from the icon
file itself, so it may be possible to run code on the client machine,
though I didn't test it.

Microsoft was notified twice about this issue via the "Report a Bug"
form on their web site. The first time about one month ago, the second
time about two weeks ago. I didn't receive any reply back.

More information about this bug (plus another privacy issue about the
"favicon.ico" file) is available at
http://web.cip.com.br/flaviovs/sec/favicon/index.html.

--
Flavio
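
The post says the icon file's integrity is not checked but does not say what the malformation is. The sketch below is an added example, not part of the original post and not any vendor's code, of the kind of structural check a parser can apply to the ICO container before decoding any image data. The function name, status codes and sample bytes are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

enum ico_status { ICO_OK, ICO_BAD_SIZE, ICO_BAD_HEADER, ICO_BAD_ENTRY };

static uint32_t rd_le(const uint8_t *p, int n) /* n-byte little-endian field */
{
    uint32_t v = 0;
    while (n-- > 0) v = (v << 8) | p[n];
    return v;
}

/* Check the ICO container before any image decoding: a 6-byte ICONDIR,
 * then `count` 16-byte ICONDIRENTRY records pointing into the file. */
enum ico_status ico_validate(const uint8_t *buf, size_t len)
{
    if (buf == NULL || len < 6) return ICO_BAD_SIZE;
    if (rd_le(buf, 2) != 0 || rd_le(buf + 2, 2) != 1)  /* reserved, type */
        return ICO_BAD_HEADER;
    uint32_t count = rd_le(buf + 4, 2);
    if (count == 0) return ICO_BAD_HEADER;
    size_t dir_end = 6 + (size_t)count * 16;
    if (dir_end > len) return ICO_BAD_SIZE;
    for (uint32_t i = 0; i < count; i++) {
        const uint8_t *e = buf + 6 + (size_t)i * 16;
        uint32_t size = rd_le(e + 8, 4), off = rd_le(e + 12, 4);
        /* Data must lie after the directory and inside the file; test
         * size against len - off so that off + size can never wrap. */
        if (size == 0 || off < dir_end || off > len || size > len - off)
            return ICO_BAD_ENTRY;
    }
    return ICO_OK;
}

/* Constructed samples: 62-byte one-entry ICOs (6 + 16 + 40 bytes).
 * ico_good claims 40 bytes at offset 22; ico_bad claims 0xFFFFFFF0 bytes,
 * so a naive 32-bit off + size wraps to 6 and passes a "<= len" test. */
const uint8_t ico_good[62] = { [2] = 1, [4] = 1, [14] = 40, [18] = 22 };
const uint8_t ico_bad[62]  = { [2] = 1, [4] = 1, [14] = 0xF0, [15] = 0xFF,
                               [16] = 0xFF, [17] = 0xFF, [18] = 22 };

int main(void)
{
    printf("good: %d\n", ico_validate(ico_good, sizeof ico_good));
    printf("bad:  %d\n", ico_validate(ico_bad, sizeof ico_bad));
    return 0;
}
```

This covers only the container layout; the bitmap header inside each image needs its own bounds checks before it is decoded.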