| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <08c701c34c88$fc479a00$1803a8c0@wangtrading.com>
From: jim at wangtrading.com (Jim Laverty)
Subject: Does your IE6 crash with these "URLs"?
Not sure this is leading to anything useful or why it is on this list,
but...
Same here:
AppName: iexplore.exe AppVer: 6.0.2800.1106 ModName: msieftp.dll
ModVer: 5.50.4807.2300 Offset: 0000b8bc
The thread 'Win32 Thread' (0xc90) has exited with code 0 (0x0).
Unhandled exception at 0x039cb8bc in IEXPLORE.EXE: 0xC0000005: Access
violation reading location 0x00000000.
Call Stack:
> msieftp.dll!039cb8bc()
msieftp.dll!039cba4a()
msieftp.dll!039cc02b()
SHDOCVW.DLL!71743f4e()
SHDOCVW.DLL!7170dfe3()
SHDOCVW.DLL!7170e18d()
SHDOCVW.DLL!7171ce8c()
browseui.dll!71174c93()
SHDOCVW.DLL!717209a5()
SHDOCVW.DLL!7176e276()
SHDOCVW.DLL!7173f80a()
browseui.dll!711ca25a()
browseui.dll!711ca2c8()
browseui.dll!7119cfd4()
browseui.dll!711765b7()
browseui.dll!711764fe()
browseui.dll!711764b1()
browseui.dll!711684e6()
USER32.DLL!77e3a244()
USER32.DLL!77e16b21()
USER32.DLL!77e24f4a()
browseui.dll!71168a74()
USER32.DLL!77e3a244()
USER32.DLL!77e145e5()
USER32.DLL!77e1a792()
ASM Code:
039CB84E C2 0C 00 ret 0Ch
039CB851 56 push esi
039CB852 33 F6 xor esi,esi
039CB854 E8 AE 03 00 00 call 039CBC07
039CB859 85 C0 test eax,eax
039CB85B 75 13 jne 039CB870
039CB85D FF 74 24 08 push dword ptr [esp+8]
039CB861 E8 41 D5 00 00 call 039D8DA7
039CB866 83 F8 01 cmp eax,1
039CB869 75 05 jne 039CB870
039CB86B BE 05 40 00 80 mov esi,80004005h
039CB870 85 F6 test esi,esi
039CB872 7D 11 jge 039CB885
039CB874 8B 44 24 0C mov eax,dword ptr [esp+0Ch]
039CB878 83 38 00 cmp dword ptr [eax],0
039CB87B 74 08 je 039CB885
039CB87D 6A 00 push 0
039CB87F 50 push eax
039CB880 E8 BA D4 00 00 call 039D8D3F
039CB885 8B C6 mov eax,esi
039CB887 5E pop esi
039CB888 C2 08 00 ret 8
039CB88B 55 push ebp
039CB88C 8B EC mov ebp,esp
039CB88E 51 push ecx
039CB88F 8B 45 18 mov eax,dword ptr [ebp+18h]
039CB892 56 push esi
039CB893 8B 75 08 mov esi,dword ptr [ebp+8]
039CB896 57 push edi
039CB897 83 20 00 and dword ptr [eax],0
039CB89A 89 4D FC mov dword ptr [ebp-4],ecx
039CB89D 85 F6 test esi,esi
039CB89F BF 05 40 00 80 mov edi,80004005h
039CB8A4 74 74 je 039CB91A
039CB8A6 8B 46 14 mov eax,dword ptr [esi+14h]
039CB8A9 85 C0 test eax,eax
039CB8AB 74 6D je 039CB91A
039CB8AD 66 83 38 00 cmp word ptr [eax],0
039CB8B1 74 67 je 039CB91A
039CB8B3 FF 75 14 push dword ptr [ebp+14h]
039CB8B6 FF 15 D8 12 9C 03 call dword ptr ds:[39C12D8h]
039CB8BC 80 38 00 cmp byte ptr [eax],0 <= Breaks here
Registers:
eax 0x00000000 unsigned long
ebp 0x00125b34 unsigned long
esi 0x0021ef08 unsigned long
edi 0x80004005 unsigned long
ds 0x0023 unsigned short
ecx 0x001c5bf0 unsigned long
bx 0x5bf0 unsigned short
cx 0x5bf0 unsigned short
dx 0x001c unsigned short
ds 0x0023 unsigned short
cs 0x001b unsigned short
-----Original Message-----
From: full-disclosure-admin@...ts.netsys.com
[mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of Securesdotcoms
Sent: Thursday, July 17, 2003 12:38 PM
To: full-disclosure@...ts.netsys.com
Subject: Re: [Full-Disclosure] Does your IE6 crash with these "URLs"?
Crashes me:
AppName: iexplore.exe AppVer: 6.0.2800.1106 ModName: msieftp.dll
ModVer: 5.50.4807.2300 Offset: 0000b8bc
----- Original Message -----
From: "Martin" <nakal@....de>
To: <full-disclosure@...ts.netsys.com>
Sent: Thursday, July 17, 2003 8:57 AM
Subject: [Full-Disclosure] Does your IE6 crash with these "URLs"?
> Hi,
>
> I have a question. I would like to know, if you can also crash
> IE6, when typing the following "URL":
>
> ftp*://?
>
> I have also tried from HTML like this:
>
> <html>
> <body>
> <script language="JavaScript">
> window.open("ftp://ftp*://?");
> </script>
> </body>
> </html>
>
> I could crash IE about a year ago with the first "URL" above
> and I've sent already various crash reports to Microsoft a
> long time ago. There was no reaction.
>
> That's why I just want to ask if someone can check this for me.
> Maybe only my 3 PCs are weird.
>
> Thanks,
> Martin
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
--------------------------------------------------------
Note:
This message is for the named person's use only. It may
contain confidential, proprietary or legally privileged
information. No confidentiality or privilege is waived
or lost by any mistransmission. If you receive this
message in error, please immediately delete it and all
copies of it from your system, destroy any hard copies
of it and notify the sender. You must not, directly or
indirectly, use, disclose, distribute, print, or copy
any part of this message if you are not the intended
recipient. Wang Trading LLC and any of its subsidiaries
each reserve the right to monitor all e-mail
communications through its networks.
Any views expressed in this message are those of the
individual sender, except where the message states
otherwise and the sender is authorized to state them
to be the views of any such entity.
---------------------------------------------------------
Powered by blists - more mailing lists