[22235] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

long url overflow in IE6 public preview on WinME

daemon@ATHENA.MIT.EDU (Joseph Mallett)
Tue Aug 14 11:11:44 2001

Date: Tue, 14 Aug 2001 00:57:27 +0000
From: Joseph Mallett <jmallett@NewGold.NET>
To: bugtraq@securityfocus.com
Message-ID: <20010814005727.A84372@NewGold.NET>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

Requesting the url:
http://srcsys.org//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////

either by entering it into the address bar or redirection to it (via a 
CGI) causes IE6 public preview [on a winme machine with all windowsupdates 
installed as of yesterday] to crash with an "abnormal program exit".

I don't have a good enough knowledge to track down this overflow, etc., 
but I have emailed Microsoft with this information, and thought I would 
mention it here, if it might help speed up the process of finding the bug, 
finding out if it is a possible threat, etc.

Thanks,
/joseph

--
Joseph A. Mallett
http://srcsys.org

xMach Core Team, www.xMach.org


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[22235] in bugtraq

long url overflow in IE6 public preview on WinME

daemon@ATHENA.MIT.EDU (Joseph Mallett)Tue Aug 14 11:11:44 2001

daemon@ATHENA.MIT.EDU (Joseph Mallett)
Tue Aug 14 11:11:44 2001