|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: TanaydIn 'HuzursuZ' $irin (tanaydin
ihlas.net.tr)Date: Tue Apr 16 2002 - 12:13:07 CDT
it isn't cause any problem for me... w2k ie6
----- Original Message -----
From: "MegaHz" <admincyhackportal.com>
To: <vuln-devsecurityfocus.com>; <bugtraqsecurityfocus.com>;
<vulnwatchvulnwatch.org>
Cc: <securitymicrosoft.com>
Sent: Tuesday, April 16, 2002 12:40 PM
Subject: [VulnWatch] greek characters buffer overflow, AGAIN!
>
> One year ago I discovered a buffer overflow in the address bar of IE 5.0
using greek characters, look at:
> http://www.cyhackportal.com/modules.php?name=News&file=article&sid=81
>
>
> Today I discover this:
>
http://www.bestbuy.com.cy/cgi-bin/buy.storefront/<<<\x1388>>>/Product/View/C
MPL_00_GDXbox
>
> (do not use: <<<,>>>)
> and yes, Internet explorer, exited by itself. Very strange. I don't know
why, pls try that
> I uploaded here a sample html,
> http://megahz.cyhackportal.com/hey.html
>
> I test it out on 3 pcs I have at my work, but there was only one that
seemed to have the bug, and resolve on closing the IE.
>
> maybe is bestbuy's problem, and the software they use,
> the original url was:
>
http://www.bestbuy.com.cy/cgi-bin/buy.storefront/3cbbef7d0794c70e27a4c30e950
106f2/Product/View/CMPL_00_GDXbox
>
>
> maybe is storefronts problem...
>
>
> pls test it out, and let me know,
>
>
>
> Thank you,
>
>
> /*
> * Andreas Constantinides (MegaHz)
> * http://www.cyhackportal.com
> *
> */
>
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]