[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <3972.1062517123@www15.gmx.net>
From: nonleft at gmx.net (nonleft@....net)
Subject: New Microsoft Internet Explorer mshtml.dll Denial of Service?
crashes on my side as well
win XP no packets in place.
so I run my debugger: (sorry german)
Der Thread 'Win32 Thread' (0x818) hat mit Code 0 (0x0) geendet.
Unbehandelte Ausnahme bei 0x00000005 in : 0xC0000005:
Zugriffsverletzung-Leseposition 0x00000005.
Eine Ausnahme (erste Chance) bei 0x00000005 in : 0xC0000005:
Zugriffsverletzung-Leseposition 0x00000005.
Unbehandelte Ausnahme bei 0x00000005 in : 0xC0000005:
Zugriffsverletzung-Leseposition 0x00000005.
well it tries to do a read function in the memory, were it has not business
to do :-)
and this causes the system failure and the program has to be restarted
7FFE02FC add byte ptr [eax],al
7FFE02FE add byte ptr [eax],al
7FFE0300 mov edx,esp
7FFE0302 sysenter
7FFE0304 ret
7FFE0305 pushfd
7FFE0306 or dword ptr [esp],100h
7FFE030D popfd
7FFE030E ret <---- here comes the downfall :-)
7FFE030F mov edx,esp
7FFE0311 syscall
7FFE0313 ret
7FFE0314 nop
7FFE0315 pushfd
7FFE0316 or dword ptr [esp],100h
so it comes from:
7ffe0304()
ntdll.dll!77f6f4af()
ntdll.dll!77f6e265()
mshtml.dll!74877f58()
> mshtml.dll!74877576()
that was it on my machine.....
reproduced it twice.
but i could not see what this behavior evoked in the html code?!?!
first i thought could have something to do with the embedded scripts, but
doesn't seem so....
btw not using Outlook (and i could not see why this should have something to
do with it)
mfg/kind regards
nonleft
At 13:53 02.09.2003 +0200, you wrote:
Hi,
> No, I am very sure that this happens also, if you follow the link inside
> a web page only (without an involving mail client).
> So go to http://www.counterpane.com/crypto-gram.html , scroll down and
> click the link that says "Holger Hasselbach has translated several
> issues of Crypto-Gram into German [...]". The error occurs as described
> in my original posting.
well i tried
windows 2003 server no updates
first time i clicked it page closed after 5 seconds
second time nothing happened
third time it closed after 5 seconds
well 4th time nothing happened
5th time closed again
eaach time i spawned a new ie-window with the link and then followed
the one in the bottom
mfg
Michel Zobel
Software Entwicklung
hnw health network GmbH i.G.
--
COMPUTERBILD 15/03: Premium-e-mail-Dienste im Test
--------------------------------------------------
1. GMX TopMail - Platz 1 und Testsieger!
2. GMX ProMail - Platz 2 und Preis-Qualit?tssieger!
3. Arcor - 4. web.de - 5. T-Online - 6. freenet.de - 7. daybyday - 8. e-Post
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: crypto.txt
Url: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20030902/65178c41/crypto.txt
Powered by blists - more mailing lists