Search
Forum Home | Login
Scuttle_SE
Scuttle_SE
Join Date 08/2006
0

Buffer overflow in OD+ 1.3 (and older versions I think)

September 20, 2006 12:18:55 PM from Stardock ForumsStardock Forums
Create a HTML-page with a tag that is 1000 characters or more, load it in firefox. OD+ immediately dies.<br/><br/> </div> </div> </div><div id="ctl00_ctl00__Content__Content__PostTags" class="tags"> <a id="ctl00_ctl00__Content__Content__Tags_ctl00__TagLink" class="tag" href="/search;null/tags;objectdock">objectdock</a> </div><div id="ctl00_ctl00__Content__Content__Tray" class="tray"> <div id="ctl00_ctl00__Content__Content__PostStatusSection1" class="status"> <span> Locked Post</span> </div> <div id="ctl00_ctl00__Content__Content__Buttons" class="buttons"> <a href="/search/post;130953" id="ctl00_ctl00__Content__Content__SearchPostLink" class="button search" title="Search this post"></a> <span class="separator"></span> <a href="../../#reply" id="ctl00_ctl00__Content__Content__LinkReply" class="button reply" title="Reply to this post"></a> <div class="slidingmenu" id="postsearchbox"> <div class="header">Search this post</div> <div class="content"> <div class="onelineform"> <input type="text" class="searchtext" /> <a class="button search" href="#"></a> </div> <a class="advancedsearch" href="/search">Advanced Search</a> </div> </div> <div class="slidingmenu" id="postsubscribebox"> <div class="header">Subscription Options</div> <div class="content"> <label> <input name="ctl00$ctl00$_Content$_Content$_SubscribePost" type="checkbox" id="ctl00_ctl00__Content__Content__SubscribePost" class="subscribenow" /> Watch this post </label> <hr /> <label class="disabled" id="subscribenoemail"> <input value="noemail" name="ctl00$ctl00$_Content$_Content$subscriptionemailoptions" type="radio" id="ctl00_ctl00__Content__Content__SubscribePostNoEmail" disabled="disabled" /> Do not email me updates for this post </label> <label class="disabled" id="subscribeemail"> <input value="email" name="ctl00$ctl00$_Content$_Content$subscriptionemailoptions" type="radio" id="ctl00_ctl00__Content__Content__SubscribePostEmail" disabled="disabled" checked="checked" /> Email me updates for this post </label> </div> </div> <div class="slidingmenu karmareasonbox"> <div class="header">Reason for Karma (Optional)</div> <div class="content"> <div class="onelineform"> <input name="ctl00$ctl00$_Content$_Content$_PostKarmaDataReason" type="text" id="ctl00_ctl00__Content__Content__PostKarmaDataReason" class="reasontext" /> <a class="button apply" href="#"></a> </div> <div class="reasonsuccess">Successfully updated karma reason!</div> </div> </div> <div class="slidingmenu" id="postkarmagiversbox"> <div class="content"> </div> </div> </div> </div> </div> <a name="replies"></a> <div class="pagertop"> <div class="pager"></div> </div> <div class="ad"> <script async src="//pagead2.googlesyndication.com/pagead/js/adsbygoogle.js"></script> <!-- WC Forums 728 Banner, Above the Fold --> <ins class="adsbygoogle" style="display: inline-block; width: 728px; height: 90px" data-ad-client="ca-pub-7512798962749118" data-ad-slot="2540178774"></ins> <script> (adsbygoogle = window.adsbygoogle || []).push({}); </script> </div> <div class="replies"> <a name="last"></a><a name="1152537"></a><a name="1" id="1152537_AnchorNum" class="anchor"></a> <div id="ctl00_ctl00__Content__Content__RepeaterReplies_ctl00__Reply" class="postcontainer" data-post-data-id="1152537" data-reply-number="1" data-author-id="2569424" data-author-name="Scuttle_SE"> <div class="postinfo"> <div class="menu"> <img id="ctl00_ctl00__Content__Content__RepeaterReplies_ctl00__ImageAvatar" class="avatar none" src="/images/Base/Space.gif" alt="Scuttle_SE" /> <div class="user"> <a id="ctl00_ctl00__Content__Content__RepeaterReplies_ctl00__LinkUser" title="Click user name to view more options.">Scuttle_SE</a> </div> <div id="ctl00_ctl00__Content__Content__RepeaterReplies_ctl00__Rank" class="rank rank1" title="Rank: 1"> </div> <div class="joindate"> Join Date 08/2006 </div> <div class="honorific"> <span title="Stardock Community Title"> </span> </div> <a id="ctl00_ctl00__Content__Content__RepeaterReplies_ctl00__LinkKarmaCount" title="View Scuttle_SE's Karma" class="karma_badge noeffect" href="/karma/2569424">0</a> <img id="ctl00_ctl00__Content__Content__RepeaterReplies_ctl00__Badge__UserGroupImage" src="/images/base/space.gif" /> <div id="ctl00_ctl00__Content__Content__RepeaterReplies_ctl00__AwardsSection" class="awards" data-accountid="2569424" data-accounttypeid="1"> <img id="ctl00_ctl00__Content__Content__RepeaterReplies_ctl00__Awards_ctl00__AwardImage" title="Received 100 clicks from shared links to a single post" class="award small a_136" src="/images/spacer.gif" /> <a id="ctl00_ctl00__Content__Content__RepeaterReplies_ctl00__Awards_ctl01__MoreAwards" title="View all awards" class="moreawards" href="/user/2569424/awards/"></a> </div> <div id="ctl00_ctl00__Content__Content__RepeaterReplies_ctl00__FounderAwardsSection" class="awards founders"> </div> </div> <div class="content"> <div class="header"> <div class="l"> <a href="/130953/get;1152537" id="ctl00_ctl00__Content__Content__RepeaterReplies_ctl00__LinkNumber" class="linknumber">Reply #1</a> September 20, 2006 12:20:32 PM <div class="site"> from <a id="ctl00_ctl00__Content__Content__RepeaterReplies_ctl00__SiteUrl" class="siteurl" href="//forums.stardock.com/"><img src="/Themes/Stardock/images/icon.png" id="ctl00_ctl00__Content__Content__RepeaterReplies_ctl00__SiteIcon" alt="Stardock Forums" title="Stardock Forums" />Stardock Forums</a> </div> </div> <div class="r"> <a class="top gototop glyph up" href="#" title="Scroll to Top"></a> </div> </div> <div class="text postbody"> hm...seems like the forums doesn't like html-tags...<br/><br/>Anyways, create a TITLE-tag with more than 1000 characters, load it in firefox, OD+ dies immediately<br/> </div> </div> </div> <div class="tray"> <div class="links"> </div> <div class="buttons"> <div class="slidingmenu karmareasonbox"> <div class="header">Reason for Karma (Optional)</div> <div class="content"> <div class="onelineform"> <input name="ctl00$ctl00$_Content$_Content$_RepeaterReplies$ctl00$_KarmaDataReason" type="text" id="ctl00_ctl00__Content__Content__RepeaterReplies_ctl00__KarmaDataReason" class="reasontext" /> <a class="button apply" href="#"></a> </div> <div class="reasonsuccess">Successfully updated karma reason!</div> </div> </div> </div> </div> <div id="ctl00_ctl00__Content__Content__RepeaterReplies_ctl00__ReplyEdits" class="edits" style="display: none;"> <div class="wait"> <img src="images/space.gif" class="ajaxwait" /> <span>We're looking up the edits for this post...</span> </div> </div> </div> </div> <div class="pagerbottom"> <div class="pager"></div> </div> </div> <div class="breadcrumbs bottomcrumbs"> <ul> <li> <a id="ctl00_ctl00__Content__Content__BreadcrumbsBottom__RepeaterBreadcrumbs_ctl00__Link" href="/">Home</a> <a id="ctl00_ctl00__Content__Content__BreadcrumbsBottom__RepeaterBreadcrumbs_ctl00__DropDown__DropMenu" class="menu glyph rightarrow" data-categories="{"Header":"Home","Links":[{"Name":"WinCustomize Talk","Url":"/forum/144"},{"Name":"Object Desktop","Url":"/forum/166"},{"Name":"Personal Computing","Url":"/forum/1"},{"Name":"OS Customization","Url":"/forum/19"},{"Name":"Life, the Universe and Everything","Url":"/forum/170"}]}" href="/#"></a> </li> <li> <a id="ctl00_ctl00__Content__Content__BreadcrumbsBottom__RepeaterBreadcrumbs_ctl01__Link" href="/forum/176">ObjectDock</a> </li> </ul> </div> <a name="reply"></a> <div class="signup"> <b>Welcome Guest! Please take the time to register with us.</b> <p> There are many great features available to you once you register, including:</p> <ul> <li>Richer content, access to many features that are disabled for guests like commenting and posting on the forums. </li> <li>Access to a great community, with a massive database of many, many areas of interest. </li> <li>Access to contests & subscription offers like exclusive emails. </li> <li>It's simple, and FREE!</li> </ul> <p> <a class="action" href="/signin-oidc">Sign in or Create Account</a> </p> </div> <script type="text/javascript" src="https://static.addtoany.com/menu/page.js"></script> <div class="forumfoot"> <div class="top"> <div class="l"> <a href="/recent">View all recent posts</a> </div> <div class="r"> <span><a href="/markall">Mark all posts as read</a></span> <span><a href="/deletecookies.aspx">Delete cookies created by the forum</a></span> <span><a href="#" class="gototop">Return to Top</a></span> </div> </div> <div class="loadstats"> Stardock Forums v        Server Load Time:   Page Render Time: <span id="_PageRenderTime"></span> </div> </div> </div> </div> <script type="text/javascript"> //<![CDATA[ Sys.WebForms.PageRequestManager._initialize('ctl00$ctl00$_ScriptManager', 'aspnetForm', [], [], [], 90, 'ctl00$ctl00'); //]]> </script> </form> <script src="/js/tinymce/tinymce.js?v=_Otg9mE2PDBi5Pt-tmrZpbZIKTDyNzkQfbUFuPWiNVo1"></script> </body> </html>