From skylined@edup.tudelft.nl Mon Oct 25 11:59:42 2004 Date: Mon, 25 Oct 2004 03:55:10 +0200 From: Berend-Jan Wever To: ned , bugtraq@securityfocus.com Cc: full-disclosure@lists.netsys.com Subject: Re: [Full-Disclosure] python does mangleme (with IE bugs!) [ The following text is in the "iso-8859-1" character set. ] [ Your display is set for the "ISO-8859-2" character set. ] [ Some special characters may be displayed incorrectly. ] Hi all, here's my analysis of these bugs: 2445.html does nothing on my win2ksp4en/ie6.0sp1. (IE does crash when you load it because the META refresh tag leads to 2446.html.) 2446.html contains an exploitable BoF in the IFRAME tag using the SRC and NAME property. To trigger the BoF you only need this tag in a HTML file: