lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 21 Dec 2012 13:57:55 GMT From: koppensb@....at To: bugtraq@...urityfocus.com Subject: Re: Re: Re: Microsoft Internet Explorer 9.x <= Remote Stack Overflow Vulnerability Hi! I think he is talking about this blog post of the Microsoft Security and Defense team. http://blogs.technet.com/b/srd/archive/2009/01/28/stack-overflow-stack-exhaustion-not-the-same-as-stack-buffer-overflow.aspx Since your PoC code throws this: Problem signature: Problem Event Name: APPCRASH Application Name: iexplore.exe Application Version: 9.0.8112.16457 Application Timestamp: 50a2f9e3 Fault Module Name: MSHTML.dll Fault Module Version: 9.0.8112.16457 Fault Module Timestamp: 50a30507 Exception Code: c00000fd Exception Offset: 002bbe12 OS Version: 6.1.7601.2.1.0.768.3 Locale ID: 1033 Additional Information 1: 39a4 Additional Information 2: 39a4d7f18c1c7c725934453009d2f1b9 Additional Information 3: 9b65 Additional Information 4: 9b65a6e96bd128527d12d25fc3aa2ec1 ie runs in an exhaustion not in an overflow.