Full Disclosure mailing list archives
RE: New Microsoft Internet Explorer mshtml.dll Denial of Service?
From: "Steve Wray" <steve.wray () paradise net nz>
Date: Tue, 2 Sep 2003 21:53:22 +1200
Its a mail client issue; doesn't happen if you click on a link from Internet Explorer. Interestingly enough, the people who have responded with positives so far appear to be Outlook or Outlook express users. Your mail headers don't exactly give away your own mail client. What would it be?
-----Original Message----- From: full-disclosure-admin () lists netsys com [mailto:full-disclosure-admin () lists netsys com] On Behalf Of Marc Ruef Sent: Tuesday, 2 September 2003 7:12 p.m. To: full-disclosure () lists netsys com Subject: [Full-disclosure] New Microsoft Internet Explorer mshtml.dll Denial of Service? -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dear List I was looking for some sources that serve translations of Buce Schneiers well-known Crypto-Gram[1]. So I found on the official page the hint, that there are some outdated Issues in a german version available. After clicking in the link that brings me to http://www.galad.com/extras/cg/cg.htm , my Internet Explorer 6.0.2800.1106 "encounters a problem and needs to close". After a bit of debugging I could determine that the problem must be existing in the library mshtml.dll. I tried to do a small and dirty analysis of the problem. So I fetched the whole page that encounters the error, but I couldn't reproduce the program shutdown with the offline version. It doesn't matter if I keep the original linking and embedded pictures as a link to the original web source. Then I deactivated the Internet Explorers possibility of showing pictures (Tools/Internet Options/Advanced/Show pictures). And now the error message doesn't come again. So it seems to me that one of the pictures produce the failure. Again, I put all the graphics from the named page dedicated into the affected web browser (e.g. http://www.galad.com/frame/but0nr.gif ). But > once more, I couldn't reproduce the error. Perhaps it is an interaction between HTML or JavaScript and a picture needed. It is very interesting, that other sub pages (e.g. http://www.galad.com/certify/mcse/mcse.htm ) > or other browsers (e.g. Netscape Communicator 4.x, 6.x, and 7.x) are not affected. Can somebody help me to figure out the real problem? Or is this an old issue I can't recognize? Sincerely, Marc Ruef [1] http://www.counterpane.com/crypto-gram.html - -- ) scip AG ( Technoparkstr. 1 8005 Zürich T +41 1 445 18 18 F +41 1 445 18 19 maru () scip ch www.scip.ch - Publizierung aktuellster IT-Sicherheitsluecken - -----BEGIN PGP SIGNATURE----- Version: PGP 8.0 iQA/AwUBP1RC+Re5hzJzqVMhEQKmDQCeM66Q8w/UqQBIi5FurZ7HpE6dMKYAmwdG aNlONsKvfe2L9xezEjl2plJ3 =C9az -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: New Microsoft Internet Explorer mshtml.dll Denial of Service?, (continued)
- Re: New Microsoft Internet Explorer mshtml.dll Denial of Service? morning_wood (Sep 02)
- Re: New Microsoft Internet Explorer mshtml.dll Denial of Service? Irwan Hadi (Sep 02)
- Re: New Microsoft Internet Explorer mshtml.dll Denial of Service? Irwan Hadi (Sep 02)
- Re: New Microsoft Internet Explorer mshtml.dll Denial of Service? Thor Larholm (Sep 02)
- Re: New Microsoft Internet Explorer mshtml.dll Denial of Service? Tim (Sep 02)
- Re: New Microsoft Internet Explorer mshtml.dll Denial of Service? morning_wood (Sep 02)
- Re: New Microsoft Internet Explorer mshtml.dll Denial of Service? Valdis . Kletnieks (Sep 05)
- Re: New Microsoft Internet Explorer mshtml.dll Denial of Service? Irwan Hadi (Sep 02)
- Re: New Microsoft Internet Explorer mshtml.dll Denial of Service? Tim (Sep 02)
- Re: New Microsoft Internet Explorer mshtml.dll Denial of Service? Irwan Hadi (Sep 02)
- Slow mail (was Re: New Microsoft Internet Valdis . Kletnieks (Sep 05)
- RE: New Microsoft Internet Explorer mshtml.dll Denial of Service? Marcus Graf (Sep 02)
- RE: New Microsoft Internet Explorer mshtml.dll Denial of Service? Marcus Graf (Sep 02)
- RE: New Microsoft Internet Explorer mshtml.dll Denial of Service? Mads (Sep 02)
- Re: New Microsoft Internet Explorer mshtml.dll Denial of Service? morning_wood (Sep 02)
- Re[2]: New Microsoft Internet Explorer mshtml.dll Denial of Service? Zobel M. (Sep 02)