Positively confirmed on 6.0.2800.1106.xpclnt_qfe.021108-2107, but a friend o'mine could not reproduce it, running IE 6 with SP1.
Regards Joao Rodrigo F. Coimbra, MCSE, MCDBA, MCAD, MCT http://www.netverse.com.br [EMAIL PROTECTED] ----- Original Message ----- From: "Thor Larholm" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Monday, July 07, 2003 3:59 PM Subject: Re: [Full-Disclosure] Internet Explorer 6 DoS Bug > Positively confirmed on 6.0.2800.1106.xpsp2.030422-1633 when entering C:\aux in > the Address Bar. > > Seeing as the behavior of this scenario is inconsistent between list subscribers > with the same IE version, one could believe the bug is not in IE but in urlmon > or shellexecute somewhere. > > > Regards > Thor Larholm > PivX Solutions, LLC - Senior Security Researcher > > ----- Original Message ----- > From: <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Monday, July 07, 2003 6:25 PM > Subject: [Full-Disclosure] Internet Explorer 6 DoS Bug > > > > Hi, > > I found a bug in IE6 �n Windows XP with all Service Packs and Patches > installed: > > If you enter C:\aux in the adressline of the IE (not EXPLORER, > InternetExplorer) > > and hit enter, the window will freeze. This bug is simmilar to C:\con\con > > but not as dagerous. But its the same reason, naimly that windows trys to > > open aux, a hardware device in earlier windows versions. > > I already sended an email to Microsoft but they said the bug wouldn't exist. > > > > Bye > > > > Fabian Becker (www.neonomicus.ionichost.com) > > [EMAIL PROTECTED] > > > > > > > > > > ________________________________________ > > Mehr Power f�r Ihre eMail - mit den neuen Leistungspaketen bei > http://www.epost.de > > > > > > _______________________________________________ > > Full-Disclosure - We believe in it. > > Charter: http://lists.netsys.com/full-disclosure-charter.html > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
