lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 11 May 2004 17:29:44 +0400
From: 3APA3A <3APA3A@...URITY.NNOV.RU>
To: "Rafel Ivgi, The-Insider" <theinsider@....net.il>
Cc: "bugtraq" <bugtraq@...urityfocus.com>, full-disclosure@...ts.netsys.com
Subject: Re: msxml3.dll Parsing Error Crashes Internet Explorer Remotely Upon Refresh


Dear Rafel Ivgi, The-Insider,

No crash on 6.0.2800.

--Monday, May 10, 2004, 10:27:40 PM, you wrote to bugtraq@...urityfocus.com:

RITI> msxml3.dll crashes after refreshing a page which contains & inside a
RITI> link/value
RITI> For Example : <Ref href = "&"/>
RITI> This is due to a parsing error in msxml3.dll.

RITI> Version Details:
RITI> ---------------------
RITI> I.E Version: 6.0.2600.0
RITI> ModVer: 8.10.8308.0
RITI> Module name: msxml3.dll
RITI> Offset: 000b8c10

RITI> Stack Dump:
RITI> -----------------
RITI> EAX=01CEE800
RITI> EDI=01D02580
RITI> EBX=00000000
RITI> EBP=02C3F3E4
RITI> ECX=00000000
RITI> ESP=02C3FC74
RITI> EDX=02D91364
RITI> EIP=02E18C10
RITI> ESI=00000000
RITI> DS:00000004     GS:0000     ES:0023     SS:0023     CS:001B

RITI> Live Example:
RITI> http://theinsider.deep-ice.com/xmlcrash.xml
RITI> AND REFRESH...

RITI> _______________________________________________
RITI> Full-Disclosure - We believe in it.
RITI> Charter: http://lists.netsys.com/full-disclosure-charter.html


-- 
~/ZARAZA
Особую проблему составляет алкоголизм.  (Лем)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


Powered by blists - more mailing lists