It does not affect my browser neither.. MSIE 6.0 (WinXP) .. Just get a strange URL and a 404 as a result of clicking "hey". /D ----- Original Message ----- From: "TanaydIn 'HuzursuZ' $irin" <tanaydinat_private> To: <vuln-devat_private>; <bugtraqat_private>; <vulnwatchat_private> Cc: <securityat_private> Sent: Tuesday, April 16, 2002 7:13 PM Subject: Re: [VulnWatch] greek characters buffer overflow, AGAIN! > it isn't cause any problem for me... w2k ie6 > > ----- Original Message ----- > From: "MegaHz" <adminat_private> > To: <vuln-devat_private>; <bugtraqat_private>; > <vulnwatchat_private> > Cc: <securityat_private> > Sent: Tuesday, April 16, 2002 12:40 PM > Subject: [VulnWatch] greek characters buffer overflow, AGAIN! > > > > > > One year ago I discovered a buffer overflow in the address bar of IE 5.0 > using greek characters, look at: > > http://www.cyhackportal.com/modules.php?name=News&file=article&sid=81 > > > > > > Today I discover this: > > > http://www.bestbuy.com.cy/cgi-bin/buy.storefront/<<<\x1388>>>/Product/View/C > MPL_00_GDXbox > > > > (do not use: <<<,>>>) > > and yes, Internet explorer, exited by itself. Very strange. I don't know > why, pls try that > > I uploaded here a sample html, > > http://megahz.cyhackportal.com/hey.html > > > > I test it out on 3 pcs I have at my work, but there was only one that > seemed to have the bug, and resolve on closing the IE. > > > > maybe is bestbuy's problem, and the software they use, > > the original url was: > > > http://www.bestbuy.com.cy/cgi-bin/buy.storefront/3cbbef7d0794c70e27a4c30e950 > 106f2/Product/View/CMPL_00_GDXbox > > > > > > maybe is storefronts problem... > > > > > > pls test it out, and let me know, > > > > > > > > Thank you, > > > > > > /* > > * Andreas Constantinides (MegaHz) > > * http://www.cyhackportal.com > > * > > */ > > >
This archive was generated by hypermail 2b30 : Wed Apr 17 2002 - 09:37:59 PDT