[14009] in bugtraq
Re: {\rtf\a112911112911112911112911...112911} in the body will cr
daemon@ATHENA.MIT.EDU (Dawes, Rogan (ZA - JNB))
Thu Feb 24 17:34:00 2000
Mime-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Message-Id: <45DE01A3CB8DD311A28300508B61BD4004AE03@ZAJNBNT006>
Date: Thu, 24 Feb 2000 09:09:37 +0200
Reply-To: "Dawes, Rogan (ZA - JNB)" <rdawes@DELOITTE.CO.ZA>
From: "Dawes, Rogan (ZA - JNB)" <rdawes@DELOITTE.CO.ZA>
X-To: "bugtraq@securityfocus.com" <bugtraq@securityfocus.com>
To: BUGTRAQ@SECURITYFOCUS.COM
And having it in the subject causes funnies with the full outlook 2000
client as well.
I was scrolling through the bugtraq messages, and noted that this
message(call it #2) had the same subject that the previous message(#1) did,
although the window title had been updated appropriately. Moving on to the
next message (#3), and going back again left me with the subject from
message #3 showing on the subject line.
It may be possible to overflow Outlook itself by including a carefully
crafted subject line.
Outlook version 9.0.0.2711 on NT 4 SP5
Rogan
> -----Original Message-----
> From: Indeera [mailto:indeera_@HOTMAIL.COM]
> Sent: Wednesday, February 23, 2000 11:49 PM
> To: BUGTRAQ@SECURITYFOCUS.COM
> Subject: {\rtf\a112911112911112911112911...112911} in the body will
> crash OE5 clients.
>
>
> This was tested by sending a message having the above string
> in the body
> from hotmail to OE5 client version 5.50.3825.400 on NT4
> server sp6. first
> experianced while trying to open the message sent by Pauli
> Ojanpera subject
> reading 'riched32.dll buffer overflow'. Might not work in other OE5
> versions. Just thought some one might be interested in this.
> cheers
> ind
> ______________________________________________________
> Get Your Private, Free Email at http://www.hotmail.com
>
