I'm currently testing some ASP code on an e-commerce site. My question is could this be used to execute a buffer overflow exploit? The following URL: http://www.asite.com/show/showsomething.asp?ID=5 Will retrieve a legitmate item from the database. By playing with the number a bit- http://www.asite.com/show/showsomething.asp?ID=32767 Will generate ADODB.Field error '80020009' Either BOF or EOF is True, or the current record has been deleted. Requested operation requires a current record. But if I bump that number up to 32768 (unsigned integer limit)- Microsoft VBScript runtime error '800a0006' Overflow: 'cint' /show/showsomething.asp, line x Thanks Dan ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Sun Nov 18 2001 - 10:13:13 PST