Internet Explorer 5.0 & AOL Instant Messenger 3.x (latest version) Bug forcing Win98 to crash remotely Description: US Version of Internet Explorer 5.0 does not know the german characters like "ü", "ö", "ä". When you move your mousepointer over such a link containing such characters as URL, your mousepointer will not become a pointing hand. That is the reason why IE5 will not try to load that website. But since AOL Instant Messenger is capable of HTML when you insert a link like that, IE5 will be given the URL as a parameter and not able to interpret it. This makes AIM eat up all available memory and makes Win98's VMM and TCP VxD crash by bufferoverflowing it with the non interpretable URL string. Problem: Aim probably uses a line similar to this for loading URL: ShellExecute( 0, "open", "http://www.yourdomain.com", NULL, NULL, SW_NORMAL ); The problem is that AIM does not check for 1) length 2) Although it asks you about "illegal characters", it permits you to use them. But because IE can not interpret them (as AIM does using the URL as a StringVar), IE can't and it fails and results a systemcrash. For demonstration and FULL details visit : http://www.doc2000.de/ie5_bug.htm Contact at: webmasterat_private
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:04:56 PDT