[Full-Disclosure] Openware.org IE Fix - Warning
From: Thierry <Thierry@Sniff-em.com>
Date: Fri Dec 19 2003 - 06:25:48 CST
Date: Fri Dec 19 2003 - 06:25:48 CST
According to Heise
(http://www.heise.de/newsticker/data/dab-19.12.03-002/)
The Openware.org IE fix introduces new flaws :
- The buffer to copy URL's is limited to 256 bytes
- Larger strings produce a buffer overflow, with possibility to
overwrite the stack.
BoF Test :
http://www.heise.de/security/dienste/browsercheck/demos/ie/e5_18.shtml
(at the bottom, link entitled "TEST DES PATCHES")
-- Best regards, Thierry mailto:Thierry@Sniff-em.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.htmlReceived on Fri Dec 19 06:47:00 2003
This archive was generated by hypermail 2.1.8 : Fri Dec 19 2003 - 07:01:01 CST
Custom Search
