IE4.0 patch

Richard Trott (trott@REMUS.RUTGERS.EDU)
Thu, 13 Nov 1997 14:38:30 -0500

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Valdis Kletnieks: "Re: Safe /tmp cleanup"
Previous message: Pavel Kankovsky: "another buffer overrun in sperl5.003"
Next in thread: John Wiltshire: "Re: IE4.0 patch"

Microsoft released a patch for the recently-reported (via l0pht--see
http://l0pht.com/advisories.html if you missed it on bugtraq) buffer
overflow in Win95 with regard to res:// type URLs.

Does anyone know if the patch
(http://www.microsoft.com/ie/security/?/ie/security/buffer.htm to get it)
actually fixes Win95, or if it's just an IE patch? The l0pht advisory
indicated that other apps were vulnerable because the problem was with
Win95, not IE. (Easy, if not-so-thorough, way to test: use Outlook
Express (or Windows Explorer) to view a bogus res:// URL of longer than
256 characters and watch it crash Outlook Express (or Windows Explorer).
Install patch above. Try again. Does it still crash? I don't have a
Win95 machine at my disposal to test this with...)

Richard Trott
trott@remus.rutgers.edu

Next message: Valdis Kletnieks: "Re: Safe /tmp cleanup"
Previous message: Pavel Kankovsky: "another buffer overrun in sperl5.003"
Next in thread: John Wiltshire: "Re: IE4.0 patch"