And having it in the subject causes funnies with the full outlook 2000 client as well. I was scrolling through the bugtraq messages, and noted that this message(call it #2) had the same subject that the previous message(#1) did, although the window title had been updated appropriately. Moving on to the next message (#3), and going back again left me with the subject from message #3 showing on the subject line. It may be possible to overflow Outlook itself by including a carefully crafted subject line. Outlook version 9.0.0.2711 on NT 4 SP5 Rogan > -----Original Message----- > From: Indeera [mailto:indeera_at_private] > Sent: Wednesday, February 23, 2000 11:49 PM > To: BUGTRAQat_private > Subject: {\rtf\a112911112911112911112911...112911} in the body will > crash OE5 clients. > > > This was tested by sending a message having the above string > in the body > from hotmail to OE5 client version 5.50.3825.400 on NT4 > server sp6. first > experianced while trying to open the message sent by Pauli > Ojanpera subject > reading 'riched32.dll buffer overflow'. Might not work in other OE5 > versions. Just thought some one might be interested in this. > cheers > ind > ______________________________________________________ > Get Your Private, Free Email at http://www.hotmail.com >
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:37:04 PDT