[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Re: Re: Microsoft Internet Explorer 9.x <= Remote Stack Overflow Vulnerability



Hi!

I think he is talking about this blog post of the Microsoft Security and Defense team.
http://blogs.technet.com/b/srd/archive/2009/01/28/stack-overflow-stack-exhaustion-not-the-same-as-stack-buffer-overflow.aspx

Since your PoC code throws this:

Problem signature:
  Problem Event Name:	APPCRASH
  Application Name:	iexplore.exe
  Application Version:	9.0.8112.16457
  Application Timestamp:	50a2f9e3
  Fault Module Name:	MSHTML.dll
  Fault Module Version:	9.0.8112.16457
  Fault Module Timestamp:	50a30507
  Exception Code:	c00000fd
  Exception Offset:	002bbe12
  OS Version:	6.1.7601.2.1.0.768.3
  Locale ID:	1033
  Additional Information 1:	39a4
  Additional Information 2:	39a4d7f18c1c7c725934453009d2f1b9
  Additional Information 3:	9b65
  Additional Information 4:	9b65a6e96bd128527d12d25fc3aa2ec1

ie runs in an exhaustion not in an overflow.