BugTraq
Microsoft Internet Explorer BMP file memory DoS vulnerability Apr 11 2004 06:07AM
Arman Nayyeri (arman-n Phreaker net) (3 replies)
Re: Microsoft Internet Explorer BMP file memory DoS vulnerability Apr 13 2004 01:22PM
jeremy 33ad org
Quoting Arman Nayyeri (arman-n (at) Phreaker (dot) net [email concealed]):
> Microsoft Internet Explorer BMP file memory DoS vulnerability
> =============================================================
> Title: Microsoft Internet Explorer BMP file memory DoS vulnerability
> Vuln Name: 58 bytes BMP vs 51,539,607,528 GB memory
> Date: Sunday, April 11, 2004
> Software: Internet Explorer v5.0-v6.0
> (i guess perior versions are vulnerable)
> Vendor: Microsoft Corporation
> Patch: N/A (Look at "Vendor Status" section)
> Author: Arman Nayyeri, arman[at]4rman.com, http://www.4rman.com
> Severity: Low

win2k, sp4. IE 6.0.2800.1106, sp1.

no crash, just lots of memory used.

--
Jeremy Kelley <jeremy (at) 33ad (dot) org [email concealed]>
All plenty which is not my God is poverty to me. -Augustine

[ reply ]
Re: Microsoft Internet Explorer BMP file memory DoS vulnerability Apr 13 2004 12:33PM
Thilo Schulz (arny ats s bawue de)
RE: Microsoft Internet Explorer BMP file memory DoS vulnerability Apr 13 2004 06:00AM
Alan W. Rateliff, II (lists rateliff net)


 

Privacy Statement
Copyright 2010, SecurityFocus