| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <E19pxIa-000NO7-00.nimber-mail-ru@f12.mail.ru> Date: Fri, 22 Aug 2003 01:48:52 +0400 From: "nimber" <nimber@...l.ru> To: bugtraq@...urityfocus.com Subject: Buffer overflow in Avant Browser 8.02 ______________________________________________________________ /###############################################################\ # ZUD SECURITY TEAM PRESENT # #: ################################ #: # bug found by nimber # (0_0(0_o)0_o) #: # Email : nimber@...igner.ru # #: # Site: www.zudteam.org # www.zudteam.org #: # HomePage: www.nimber.plux.ru # #: ################################################################: ======================\\ : Advisory Information: //----------------------------------------o =====================// : Application : Avant Browser : Date : 21.08.2003 : Vendor Homepage : http://avantbrowser.com : Versions : 8.02 (maybe older) : Platforms : all Win. : Severity : High : ----------------------------------------------------------------o Powerful Browser on the base IE. 1999 - 2003. : Supports: Built-in Pop-up Stopper, : Flash Animation Filter, Safe Recovery,Scins, : Built-in Google Search Engine. : ======================\\---------------------------------------/ Overview: // Buffer overflow in Avant Browser 8.02/ =====================//______________________________________/ Local: yes | Remote: yes | 1) Crash browser by sending long http request. o Exaple: | http://AAAAAAA[more 780 chars] | 2) Or at opening of long link. | Exaple: | <a href="http://AAA[more 780 chars]">aaa</a> | After start Browser will not possible. | (after recurrent installation even!!!) | When starting you see reporting on mistakes: | "Access violation at address 77D6318 in module 'USER32.dll' | Write od address 011C1000" | And else: | "avant.exe has encountered a problem and needs to close." | "Exception EReadError in module avant.exe at 00021AD3. | Error reading cbAddress.Left: Access volation at address | 0012D798. Write of address 00000000." | Overflow Buffer occurs in an effort Browser copy a visit | reference in Buffer exchange. | ____________________________________________________________o Path: Can be will be corrected in following versions. | ____________________________________________________________| Gr33tZ: ЗАРАЗА, ZeT,euronymous, subj, Zud Team, void.ru, | RusH Team,m00 security,eXploit.ru,LWTeam, F0K Project, | Free-Crew. | ___________________________________________________________// Thank You. -------------- For contact: e-mail: nimber@...l.ru icq: 132614 web-site: www.zudteam.org
Powered by blists - more mailing lists