possible format string in ultra edit 8.00

From: Thijs Dalhuijsen (thijsat_private)
Date: Fri May 16 2003 - 03:28:14 PDT

Next message: Bennett Todd: "safe mallocs (was Re: vulndev-1 and a suggestion about the ensuing discussion)"

Previous message: Cameron Brown: "RE: MSIE integer overflows"
In reply to: xenophi1e: "Re: vulndev-1 and a suggestion about the ensuing discussion"
Next in thread: Bennett Todd: "safe mallocs (was Re: vulndev-1 and a suggestion about the ensuing discussion)"
Next in thread: Michael Wojcik: "RE: vulndev-1 and a suggestion about the ensuing discussion"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

don't know if this is exploitable or not, .. not even sure i want to know ;) 
but inproper handling of values could mean more interesting things i recon.... 

ultraedit allows for you to edit files located on an ftp server. Account-data gets saved in the machine registry instead of the user registry so all users on the computer can view and use each others 'bookmarks'

if you use square brackets ([]) in the account name ultraedit flips and can't load in the appropriate data.

no idea what level or what causes it. but being an very popular programmers tool on win32 i thought i'd mention it.

happy hunting,
thijs
--
perl -pe 'tr/izeasgtbgo/1234567890/;$_=0.5<=rand(1)?lc$_:uc$_;'

Next message: Bennett Todd: "safe mallocs (was Re: vulndev-1 and a suggestion about the ensuing discussion)"
Previous message: Cameron Brown: "RE: MSIE integer overflows"
In reply to: xenophi1e: "Re: vulndev-1 and a suggestion about the ensuing discussion"
Next in thread: Bennett Todd: "safe mallocs (was Re: vulndev-1 and a suggestion about the ensuing discussion)"
Next in thread: Michael Wojcik: "RE: vulndev-1 and a suggestion about the ensuing discussion"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri May 16 2003 - 08:49:37 PDT