[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
From: s.lorentsen at box-smart.net (Simon Lorentsen)
Subject: Internet Explorer 6 DoS Bug
Worked here - UK Version
Version 6.0.2800.1106.xpsp2.030422-1633
System is fully updated with all patches.
Caused MSIE to hang, only the window I tried it in, all other msie
windows worked fine.
Sincerely yours,
Simon Lorentsen
-----Original Message-----
From: full-disclosure-admin@...ts.netsys.com
[mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of KF
Sent: 07 July 2003 14:19
To: fabian.becker2@...st.de
Cc: full-disclosure@...ts.netsys.com
Subject: Re: [Full-Disclosure] Internet Explorer 6 DoS Bug
I can NOT duplicate this on IE 6.0.2800.1106.xpsp2-030422-1633.... it
simply asks me to open or save the file... if I choose open with notepad
for example ... nothing odd happens... notepad says function not found.
If I try to save the file to disk it says "aux This filename is a
reserved device name please choose another name". I tryed searching for
what to open the file with on the ms extension search thing and also
came up with nothing odd...
What *exact* version of IE do you use?
-KF
fabian.becker2@...st.de wrote:
>Hi,
>I found a bug in IE6 ?n Windows XP with all Service Packs and Patches
>installed: If you enter C:\aux in the adressline of the IE (not
>EXPLORER, InternetExplorer) and hit enter, the window will freeze. This
>bug is simmilar to C:\con\con but not as dagerous. But its the same
>reason, naimly that windows trys to open aux, a hardware device in
>earlier windows versions. I already sended an email to Microsoft but
>they said the bug wouldn't exist.
>
>Bye
>
>Fabian Becker (www.neonomicus.ionichost.com) fabian.becker2@...st.de
>
>
>
>
>________________________________________
>Mehr Power f?r Ihre eMail - mit den neuen Leistungspaketen bei
>http://www.epost.de
>
>
>_______________________________________________
>Full-Disclosure - We believe in it.
>Charter: http://lists.netsys.com/full-disclosure-charter.html
>
>
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
-----Original Message-----
From: full-disclosure-admin@...ts.netsys.com
[mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of KF
Sent: 07 July 2003 14:19
To: fabian.becker2@...st.de
Cc: full-disclosure@...ts.netsys.com
Subject: Re: [Full-Disclosure] Internet Explorer 6 DoS Bug
I can NOT duplicate this on IE 6.0.2800.1106.xpsp2-030422-1633.... it
simply asks me to open or save the file... if I choose open with notepad
for example ... nothing odd happens... notepad says function not found.
If I try to save the file to disk it says "aux This filename is a
reserved device name please choose another name". I tryed searching for
what to open the file with on the ms extension search thing and also
came up with nothing odd...
What *exact* version of IE do you use?
-KF
fabian.becker2@...st.de wrote:
>Hi,
>I found a bug in IE6 ?n Windows XP with all Service Packs and Patches
>installed: If you enter C:\aux in the adressline of the IE (not
>EXPLORER, InternetExplorer) and hit enter, the window will freeze. This
>bug is simmilar to C:\con\con but not as dagerous. But its the same
>reason, naimly that windows trys to open aux, a hardware device in
>earlier windows versions. I already sended an email to Microsoft but
>they said the bug wouldn't exist.
>
>Bye
>
>Fabian Becker (www.neonomicus.ionichost.com) fabian.becker2@...st.de
>
>
>
>
>________________________________________
>Mehr Power f?r Ihre eMail - mit den neuen Leistungspaketen bei
>http://www.epost.de
>
>
>_______________________________________________
>Full-Disclosure - We believe in it.
>Charter: http://lists.netsys.com/full-disclosure-charter.html
>
>
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
-----Original Message-----
From: full-disclosure-admin@...ts.netsys.com
[mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of Troy
Sent: 07 July 2003 22:36
To: full-disclosure@...ts.netsys.com
Subject: Re: [Full-Disclosure] Internet Explorer 6 DoS Bug
On Mon, 07 Jul 2003 11:49:29 -0700, Blue Boar <BlueBoar@...evco.com>
wrote:
> So far the couple of people who CAN reproduce it are coming from a .dk
> and
> .de domain. I use the US English version of XP. If anyone else
chimes in
> on whether they can reproduce or not, could you please report what
language
> version of XP and/or IE you use?
A coworker reproduced it under English XP. However, it's a pretty much
fresh install of XP. The IE build IE 6.0.2600.0000.xpclient.010817-1148.
Maybe it was fixed in a hotfix that hasn't been translated yet.
--
Troy
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 2419 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20030707/af48035e/smime.bin
Powered by blists - more mailing lists