Hey all, Tim Uidam and Nick Jacobsen: Note the "//" after the server name (TWO slashes).. ftp://whatever/.#./ != ftp://whatever//.#./ ^ I tried this and some other weird stuff on my box and discovered that simply typing or pasting any form of ftp://*//#./ OR ftp://*//?./ (leading "." is unnecessary, and "?" works in place of "#") into IE's Address Bar will cause a crash, though without the trailing slash or some form of AutoComplete enabled (which is the way it would crash by just typing it, for some reason) it would require pressing the Enter key before anything happened. Also, some of the "weird stuff" I tried involved other protocols, but nothing else I tried worked-- except for ANY "<n>ftp://" protocol (existant/standard or not), where <n> is any single letter or number, though the crash would occur only after pressing the Enter key. This suggests that msieftp.dll needs some serious recoding or patching by the MS software team. Maybe it's not completely RFC 2396/2718 compliant? I was unable to reproduce this behavior via Start->Run at all. Running Win98SE 4.10.2222A using IE 5.50.4522.1800 SP1 +Q297328,q283908,Q286045,q290108,Q286043 On an unrelated(?) note (ie., more "weird stuff"), when testing IE's "file://" protocol for this bug, I created the folder "c:\windows\desktop\#" and typed in "file:///C|\windows\desktop\#" which worked fine and opened the folder in the browser window. I also tried it with a trailing slash ("file:///C|\windows\desktop\#\"), and got an error message saying that Windows could not find the directory, which doesn't happen for any other directory (though I haven't tested all of the strange folder/filename possibilities). I thought it was a bit strange. On definitely unrelated note.. what's with IE's interperetation of the URL: about:<meta%20http-equiv="refresh"%20content="0;url=about:<meta%20http- equiv=refresh%20content=0;url='Insert_TEXT_or_HTML_here'"> ? The result is pretty funky (refreshes until URI reaches 2083 characters). Heh.. fun with recursion. -Us ;] -------- Original Message -------- Subject: Re: [bug]: Cause IE 5.X to crash Date: Mon, 7 May 2001 08:07:45 +0800 From: "Uidam, T (Tim)" <Tim.Uidamat_private> Reply-To: "Uidam, T (Tim)" <Tim.Uidamat_private> To: VULN-DEVat_private NOT Vulnerable on IE 5.5 SP1 (no hotfixes) on WinNT 4 SP5. Nope, not even the tiniest glitch. If a valid FTP address is put in place of "whatever" it simply displays the FTP root in the browser window. Running ftp://whatever/.#./ from Start/Run launches IE, and displays "cannot Find Server" with ftp://whatever// in the address bar. Hope this helps! :) Tim.
This archive was generated by hypermail 2b30 : Fri May 11 2001 - 03:19:13 PDT