Berend-Jan Wever
16/02/05, 00:15
> Discovered by : Gregory R. Panakkal
Incorrect: E.Kellinis reported it on Friday, May 07, 2004 to bugtraq:
http://www.securityfocus.com/archive/1/362524/2004-05-06/2004-05-12/0
> Pointing a link to the URI -> file://!:\ [replace !
> with the character with ascii value for eg:- 0xA0].
> Causes IE6-SP1 to crash, the illegal op occuring in
> user32.dll. Other special characters are also
> possible.
More details can be found here:
http://lists.netsys.com/pipermail/full-disclosure/2004-May/021272.html
http://lists.netsys.com/pipermail/full-disclosure/2004-December/030115.ht=
ml
.-----------------------------------,
/ Berend-Jan Wever aka SkyLined )
/ skylined@edup.tudelft.nl / \
/ http://www.edup.tudelft.nl/~bjwever / /
/ PGP key ID 0x48479882 / /
/ .----. , / /
/ ( ' / / . __ __/ / /
/ `'-._ /.' | / / / ( / /_.'.' / / /
( ) / ) |/ / / / ) (__ (__/ / /
\-------' ------` '-----------------< /
\______.`\______\/\_________________\/
Incorrect: E.Kellinis reported it on Friday, May 07, 2004 to bugtraq:
http://www.securityfocus.com/archive/1/362524/2004-05-06/2004-05-12/0
> Pointing a link to the URI -> file://!:\ [replace !
> with the character with ascii value for eg:- 0xA0].
> Causes IE6-SP1 to crash, the illegal op occuring in
> user32.dll. Other special characters are also
> possible.
More details can be found here:
http://lists.netsys.com/pipermail/full-disclosure/2004-May/021272.html
http://lists.netsys.com/pipermail/full-disclosure/2004-December/030115.ht=
ml
.-----------------------------------,
/ Berend-Jan Wever aka SkyLined )
/ skylined@edup.tudelft.nl / \
/ http://www.edup.tudelft.nl/~bjwever / /
/ PGP key ID 0x48479882 / /
/ .----. , / /
/ ( ' / / . __ __/ / /
/ `'-._ /.' | / / / ( / /_.'.' / / /
( ) / ) |/ / / / ) (__ (__/ / /
\-------' ------` '-----------------< /
\______.`\______\/\_________________\/