[<prev] [next>] [day] [month] [year] [list]
Message-ID: <42B56C6A683EBA4581C01CB49A914CA7DA1D01@MAILFAXSRV.gfimalta.com>
From: davidf at gfi.com (David Farinic)
Subject: Large picture wudth DoS on MS Internet Explorer/Outlook Express
You misunderstood original post IMHO
Your 4 y. old htmls don't crash my XP just hang before I kill IE (no
prob if not exploitable).
Originally posted html BSOD OS ok let me rephrase Blue Screened XP DEAD
caput which is huge difference.
For now it seems to me as video driver issue as it depends on video
driver (Crash dump analysis -1 report was not about video driver but it
was probably just domino effect where shortage of resources cause crash
of another driver)
-----Original Message-----
From: full-disclosure-admin@...ts.netsys.com
[mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of 3APA3A
Sent: Thursday, August 12, 2004 4:44 PM
To: full-disclosure@...sys.com
Subject: [Full-Disclosure] Large picture wudth DoS on MS Internet
Explorer/Outlook Express
This issue was originaly reported in January, 2000
http://www.security.nnov.ru/2000/january/#IEIMAGE
And was reported to Microsoft. Microsoft didn't accepted this bug as
security related but promised to "file a bug report with IE team".
http://www.security.nnov.ru/2000/january/ie5img2.html
Message to Bugtraq was moderated by Aleph One as unimportant, so
publicly information was published one year later on vuln-dev.
http://cert.uni-stuttgart.de/archive/vuln-dev/2001/06/msg00094.html
and published as advisory
http://www.security.nnov.ru/advisories/ie5freeze.asp?l=RU
Nobody reacted.
Amount of buzz about it now makes me think Internet Explorer security is
now really better than it was 4 years ago :)
This mail was checked for malicious code and viruses
by GFI MailSecurity. GFI MailSecurity provides email content
checking, exploit detection, threats analysis and anti-virus for
Exchange & SMTP servers. Viruses, Trojans, dangerous
attachments and offensive content are removed automatically.
Key features include: multiple virus engines; email content and
attachment checking; an exploit shield; an HTML threats engine;
a Trojan & Executable Scanner; and more.
In addition to GFI MailSecurity, GFI also produces the
GFI MailEssentials anti-spam software, the GFI FAXmaker
fax server & GFI LANguard network security product ranges.
For more information on our products, please visit
http://www.gfi.com. This disclaimer was sent by
GFI MailEssentials for Exchange/SMTP.
Powered by blists - more mailing lists