IE Buffer Overrun Bug - Affects: Internet Explorer 4.0 for Windows 95

Question

IE Buffer Overrun Bug - Affects: Internet Explorer 4.0 for Windows 95 (including OSR2) only

Answer

This question was answered on June 15, 1999. Much of the information contained herein may have changed since posting.

Description of Bug: This bug can cause Internet Explorer 4.0 to crash when a malicious Web site contains a certain kind of URL (that begins with res://) with more characters than the browser supports At the end of the maximum character limit, a malicious user could write machine language code that gets loaded into the buffer which could be used to form a executable that could then run on your computer.

Available Fix(es) for Windows 95 Users: A fix can be downloaded from Microsoft at http://www.microsoft.com/ie/security/buffer.htm

or http://www.microsoft.com/msdownload/ieplatform/ie4bufferpatch/patch.htm.

Need Help with this Issue?

We help people with technology! It's what we do.
Schedule an Appointment with a location for help!

Author

Posted by Ken of Data Doctors on June 15, 1999