[7484] in bugtraq
Re: Object tag crashes Internet Explorer 4.0
daemon@ATHENA.MIT.EDU (Brian Behlendorf)
Thu Jul 30 12:57:15 1998
Date: Wed, 29 Jul 1998 17:06:43 -0700
Reply-To: Brian Behlendorf <brian@HYPERREAL.ORG>
From: Brian Behlendorf <brian@HYPERREAL.ORG>
To: BUGTRAQ@NETSPACE.ORG
In message 19980728171036.5485.qmail@hotmail.com, Georgi Guninski
<guninski@HOTMAIL.COM> told us about an Object Tag problem in MSIE 4.0. He
described it:
> The <OBJECT> tag seems to crash Internet Explorer 4.0 under Win95 (don't
> know about other versions/OS).
> The following:
> <OBJECT CLASSID=____More than 250 characters here____></OBJECT>
> opens a dialog box "IEXPLORE: ...illegal operation" and closes IE 4.0,
> or a blue screen with "Fatal exception 0E" and you need to reboot.
> I don't think this is exploitable(?), but it is a bad "feature".
This is good to know - the only problem is that as an attachment, Georgi also
appended an actual example of such an OBJECT tag:
> -------------------------------------Cut here: Object.html -------
> <HTML>
> Trying to crash IE 4.0
> <OBJECT CLASSID=111...111111111>
> </OBJECT>
> </HTML>
The '...' above being replaced with enough other 1's to do the deed.
Of course, in doing so, my Win95/Eudora 4 Pro (which is configured to use MSIE
4.0 as its 'HTML browser') crashed before I could read his message. Crashed
the whole OS, actually, losing about 3 hours' worth of work.
Now, you could say I have no right to complain, it's my own fault for running
slipshod software on a crappy OS, and I wouldn't argue.
But I would still like to ask that posters to BugTraq, and other forums,
refrain from posting actual, "lethal" examples of the mailer bugs they are
talking about. At this time I'm unaware of any patch for this particular
problem, other than "use WordPad to read your mail" or "get a real OS".
Thanks.
Brian
--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--
"Common sense is the collection of prejudices | brian@apache.org
acquired by the age of eighteen." - Einstein | brian@hyperreal.org
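
Added example, not part of the original post: a mail-gateway style check that flags an `<OBJECT>` tag whose `CLASSID` exceeds the 250 characters mentioned in the quoted report, so such a message can be held before a client hands it to its HTML renderer. The function names, the threshold constant and the sample message are assumptions constructed for illustration.

```python
from email import message_from_string, policy
from html.parser import HTMLParser

# Threshold from the quoted report ("More than 250 characters"); an assumption.
MAX_CLASSID_LEN = 250


class ObjectClassidScanner(HTMLParser):
    """Records OBJECT tags whose CLASSID value is longer than the limit."""

    def __init__(self, limit):
        super().__init__()
        self.limit = limit
        self.findings = []  # (line, classid_length)

    def handle_starttag(self, tag, attrs):
        # HTMLParser lowercases tag and attribute names, so any casing of
        # OBJECT/CLASSID matches; self-closing tags also arrive here.
        if tag != "object":
            return
        for name, value in attrs:
            if name == "classid" and value and len(value) > self.limit:
                self.findings.append((self.getpos()[0], len(value)))


def scan_html(text, limit=MAX_CLASSID_LEN):
    """Return [(line, length)] for every overlong CLASSID found in text."""
    scanner = ObjectClassidScanner(limit)
    scanner.feed(text)
    scanner.close()
    return scanner.findings


def scan_message(raw, limit=MAX_CLASSID_LEN):
    """Scan every text/* part, not only text/html: in the post above the
    markup reached the renderer through an ordinary list message."""
    hits = []
    for part in message_from_string(raw, policy=policy.default).walk():
        if part.get_content_maintype() == "text":
            for line, length in scan_html(part.get_content(), limit):
                hits.append((part.get_content_type(), line, length))
    return hits


# Constructed sample message (not the original post); the value is built here.
SAMPLE = (
    "Content-Type: text/plain\n\n"
    "> <HTML>\n> <OBJECT CLASSID=" + "1" * 300 + ">\n> </OBJECT>\n> </HTML>\n"
)
```

A gateway would quarantine or rewrite any message for which `scan_message` returns a non-empty list; the line numbers are relative to the body of the part that matched.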