null byte exploit for ie 5.5 & 6
http://www.vnunet.com/News/1128330
Printable View
null byte exploit for ie 5.5 & 6
http://www.vnunet.com/News/1128330
As one member on here said "Jesus Christ and all that's Holy"...
Isn't that something you learn to avoid in Programming 101? Null length vars, null length fields, etc etc...christ on a flaming raft, it's definitely making me wonder if they're not just hiring VB beginners. And before someone flames me for saying that they could've overlooked it...we're talking IE 5.5 & 6. How long has it been out? Who does their testing? Senior programmers should overlook the code of newbies, pure and simple, to avoid lame **** like this. Gah, it makes me sick.
Hmmm, doesn't surprise me.
I'm surprised how this whole "thing" started December 14th. Hah... You've gotta be joking. I mean come on... And as Vorlin stated, I can (and probably will) bet that they (microsoft...I dare not captalize THAT again...sheesh) are just picking up junior wanna-be VB programmers fresh out of high school. I mean come on...Null byte exploitation! Jeeze Lueeze.Quote:
Isn't that something you learn to avoid in Programming 101? Null length vars, null length fields, etc etc...christ on a flaming raft, it's definitely making me wonder if they're not just hiring VB beginners. And before someone flames me for saying that they could've overlooked it...we're talking IE 5.5 & 6. How long has it been out? Who does their testing? Senior programmers should overlook the code of newbies, pure and simple, to avoid lame **** like this. Gah, it makes me sick.
Come to think of it, take a look at this. I'm using Netscape (as I do very often unless Windows Update needs to take a leak...*:drink:*) But today when I tried to log onto Internet Explorer, it crashed every time I punched a button. Another flaw? I dunno, but it pissed the hell out of me. For I'm not vaulnurable to this Null Byte Exploit (...can I hear an Amen?).
But see, Vorlin, their Senior programmers *~Should~* have looked it over, and probably did. But knowing mICROSOFT they probably let it slide to the side like they usually do just to bother the hell out of Windows users. I honestly wouldn't want to be a programmer for IE and stand next to me right now. This literally "makes me sick."
[P.S. - /me *chuckles at Vorlin for quoting me... :) :) ]
...omi****in'gawd!!! <*reaching for the Paxil and decanter of Scotch*>...hmmm...Vorlin, old boy...? Please be so kind as to hand me the barf bag? I can't reach it from here.... jesus! I feel so sick to my stomach...!!!!
Sounds like somebody in SQA should get shot. I can understand a slip of the fingers but this, this is just too much.......
I better leave it blank.
Kewl_Zero - Pass those things around.....
What?! Another exploit in a Microsoft product? No way, you guys have got to be kidding, right? :D
Okay, sarcasm mode is off now, sorry about that guys.. :)
<*pounding head repeatedly on keyboard and contemplating the pool of technicolor vomit about the rug*>
He weakly moans: ".... Jobs... Jobs... Why did you have to be so ****ing greedy with your Apple I...Jobs... Jobs.... Tevold... Tevold...why the **** did you have to be born 40 years too late!!!...omi****in'gawd!!!... I am so sick... sick...please...help me... please...omi****in'gawd!!!...this is so awful... unbelievable!
i have ie version 6.0.2600.0 ... lol.
every time i open ie, a little form pops up saying there is a bug, and i'm given the option to report it, close the application, fix the bug myself, or not report it.
it's quite annoying....especially since 50% of the time it will immediately crash after i have chosen one of the above options....argh.
That's the main reason I migrated to Opera. That, and IE just STOPPED letting me search for text within the window one day. I click on it, nothing happens, hit control-F, nothing happens...Quote:
Originally posted by firefemme
i have ie version 6.0.2600.0 ... lol.
every time i open ie, a little form pops up saying there is a bug, and i'm given the option to report it, close the application, fix the bug myself, or not report it.
it's quite annoying....especially since 50% of the time it will immediately crash after i have chosen one of the above options....argh.
As for the bug, I'll echo Maverick.
FreeBSD anyone? www.freebsd.orgQuote:
Originally posted by firefemme
i have ie version 6.0.2600.0 ... lol.
every time i open ie, a little form pops up saying there is a bug, and i'm given the option to report it, close the application, fix the bug myself, or not report it.
it's quite annoying....especially since 50% of the time it will immediately crash after i have chosen one of the above options....argh.
hehehehe
Hehe, Kewl_Zero...if I handed any bags over, I'd have none for myself!
I'm honestly thinking this is one reason why the source will never be released. Mainly because there's so many problems and bugs, and from what I've heard from a friend who did contracting work there, it's a slavehouse with no dept. talking to another dept. He would go to meetings where products would be displayed and literally hear "programmers" saying "Oh, so that's what my code does...". Now a programmer saying that? Don't you think you would know what your code does in a program?!
*hari kari, here I come*...
What Vorlin's states looks to be a communication, coordination prob at M$. Nobody at M$ can overview the whole code of their OS's anymore... In one way you can say they have completly lost it and still are succesfull --> they really have talent :)
Did I hear someone say Opera?
M$ need to loose market share, then they might work harder to sort things out.
Null - :hiphop: - Null
Between the ears. Think we know where this is going.
Those engineers at MS been hunting pinguins again.....
:3pow:
On the XP box, IE and Opera. Can't get away from that dam%@$$% MS update. Or I'd ditch IE. If only. Lets we not forget Amaya, compiled in C. Tried but true.....Still fun to play with....
sigh!
rgds
de
at least nowadays the microsoft is giving away some patches to help their product more globally competitive. there is no doubt that this would happen it happen to be the most unsecure browser ( i think). howver, in the recent ie 4.xx there are lots of ie bugs and even exploits that could affect the system running. i think it is just a some modification of the the bugs found on ie4.xx or the like.
at least nowadays the microsoft is giving away some patches to help their product more globally competitive. there is no doubt that this would happen it happen to be the most unsecure browser ( i think). howver, in the recent ie 4.xx there are lots of ie bugs and even exploits that could affect the system running. i think it is just a some modification of the the bugs found on ie4.xx or the like.
unFµ¢€Ñbelivable.
could you pass some of that scotch over here?