A Windows 98 & ME forum. Win98banter

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

Go Back   Home » Win98banter forum » Windows ME » General
Site Map Home Authors List Search Today's Posts Mark Forums Read Web Partners

On-line Browser vulnerabilty-test website: Windows 98 / IE6 / FF2.20 /Netscape 9 (pass 100%)



 
 
Thread Tools Display Modes
  #1  
Old March 4th 10, 05:22 AM posted to microsoft.public.win98.gen_discussion,microsoft.public.windowsme.general,microsoft.public.windows.inetexplorer.ie6.browser
98 Guy
External Usenet User
 
Posts: 2,951
Default On-line Browser vulnerabilty-test website: Windows 98 / IE6 / FF2.20 /Netscape 9 (pass 100%)

This website:

Browser Security Test
http://bcheck.scanit.be/bcheck/

Allows users to subject their computer/browser to a selection of
synthetic exploits as follows:

- user selectable tests / exploits
- test only exploits known to affect the user's particular browser
- all tests for all known exploits

There are 19 tests in total. See below for a summary of them.

I ran these tests 3 times - once against each of the installed browsers
on my win-98se system.

I did not have any AV program or any form of browser-protection program
running on my test system.

-------------
Test results
-------------

Browser name: Firefox/2.0.0.12 Navigator
Version: 9.0.0.6
Platform: Windows 98
Congratulations! The test has found no vulnerabilities in your browser!

Browser name: Firefox
Version: 2.0.0.20
Platform: Windows 98
Congratulations! The test has found no vulnerabilities in your browser!

Browser name: MSIE
Version: 6.0
Platform: Windows 98
Congratulations! The test has found no vulnerabilities in your browser!

During the IE6 test, I was asked to download / run these two files:

crashy2.xul (a small script file)
path-neg.svg (another small script file)

The second file seems to be a very old IE5/IE6 exploit, as described
he

http://www.greymagic.com/security/advisories/gm012-ie/

Neither of the above 2 files, when submitted to VirusTotal, are detected
as threats by any of the 42 AV apps hosted on that site.

Note the stats (% vulnerable browsers):

http://bcheck.scanit.be/bcheck/stats.php

------------------
Summary of tests
------------------

Windows animated cursor overflow (CVE-2007-0038) (This test may trigger
anti-virus warnings)
Mozilla crashes with evidence of memory corruption (CVE-2007-0777)
Internet Explorer bait & switch race condition (CVE-2007-3091)
Mozilla crashes with evidence of memory corruption (CVE-2007-2867)
Internet Explorer createTextRange arbitrary code execution
(CVE-2006-1359)
Windows MDAC ADODB ActiveX control invalid length (CVE-2006-5559)
Adobe Flash Player video file parsing integer overflow (CVE-2007-3456)
XMLDOM substringData() heap overflow (CVE-2007-2223)
Mozilla crashes with evidence of memory corruption (rv:1.8.1.5)
(CVE-2007-3734)
Opera JavaScript invalid pointer arbitrary code execution (CVE-2007-436)
Apple QuickTime MOV file JVTCompEncodeFrame heap overflow
(CVE-2007-2295)
Mozilla code execution via QuickTime Media-link files (CVE-2006-4965)
Mozilla crashes with evidence of memory corruption (rv:1.8.1.8) (
CVE-2007-533)
Mozilla memory corruption vulnerabilities (rv:1.8.1.10) (CVE-2007-5959)
Mozilla crashes with evidence of memory corruption (rv:1.8.1.12)
(CVE-2008-0412)
Apple QuickTime 'QTPlugin.ocx' ActiveX Control Multiple Buffer Overflows
()
Window location property cross-domain scripting (CVE-2008-2947)
Mozilla Firefox MathML integer overflow (CVE-2008-4061)
Internet Explorer XML nested SPAN elements memory corruption
(CVE-2008-4844)

Meb will no doubt respond to this post by frothing and spewing one
excuse after another why these tests should not be believed or taken as
evidence that Win-98 combined with old/legacy browsers are not
vulnerable to common exploitation.
  #2  
Old March 4th 10, 06:13 AM posted to microsoft.public.win98.gen_discussion,microsoft.public.windowsme.general,microsoft.public.windows.inetexplorer.ie6.browser
MEB[_17_]
External Usenet User
 
Posts: 1,830
Default On-line Browser vulnerabilty-test website: Windows 98 / IE6/ FF2.20 / Netscape 9 (pass 100%)

On 03/04/2010 12:22 AM, 98 Guy wrote:
This website:

Browser Security Test
http://bcheck.scanit.be/bcheck/

Allows users to subject their computer/browser to a selection of
synthetic exploits as follows:

- user selectable tests / exploits
- test only exploits known to affect the user's particular browser
- all tests for all known exploits

There are 19 tests in total. See below for a summary of them.

I ran these tests 3 times - once against each of the installed browsers
on my win-98se system.

I did not have any AV program or any form of browser-protection program
running on my test system.

-------------
Test results
-------------

Browser name: Firefox/2.0.0.12 Navigator
Version: 9.0.0.6
Platform: Windows 98
Congratulations! The test has found no vulnerabilities in your browser!

Browser name: Firefox
Version: 2.0.0.20
Platform: Windows 98
Congratulations! The test has found no vulnerabilities in your browser!

Browser name: MSIE
Version: 6.0
Platform: Windows 98
Congratulations! The test has found no vulnerabilities in your browser!

During the IE6 test, I was asked to download / run these two files:

crashy2.xul (a small script file)
path-neg.svg (another small script file)

The second file seems to be a very old IE5/IE6 exploit, as described
he

http://www.greymagic.com/security/advisories/gm012-ie/

Neither of the above 2 files, when submitted to VirusTotal, are detected
as threats by any of the 42 AV apps hosted on that site.

Note the stats (% vulnerable browsers):

http://bcheck.scanit.be/bcheck/stats.php

------------------
Summary of tests
------------------

Windows animated cursor overflow (CVE-2007-0038) (This test may trigger
anti-virus warnings)
Mozilla crashes with evidence of memory corruption (CVE-2007-0777)
Internet Explorer bait & switch race condition (CVE-2007-3091)
Mozilla crashes with evidence of memory corruption (CVE-2007-2867)
Internet Explorer createTextRange arbitrary code execution
(CVE-2006-1359)
Windows MDAC ADODB ActiveX control invalid length (CVE-2006-5559)
Adobe Flash Player video file parsing integer overflow (CVE-2007-3456)
XMLDOM substringData() heap overflow (CVE-2007-2223)
Mozilla crashes with evidence of memory corruption (rv:1.8.1.5)
(CVE-2007-3734)
Opera JavaScript invalid pointer arbitrary code execution (CVE-2007-436)
Apple QuickTime MOV file JVTCompEncodeFrame heap overflow
(CVE-2007-2295)
Mozilla code execution via QuickTime Media-link files (CVE-2006-4965)
Mozilla crashes with evidence of memory corruption (rv:1.8.1.8) (
CVE-2007-533)
Mozilla memory corruption vulnerabilities (rv:1.8.1.10) (CVE-2007-5959)
Mozilla crashes with evidence of memory corruption (rv:1.8.1.12)
(CVE-2008-0412)
Apple QuickTime 'QTPlugin.ocx' ActiveX Control Multiple Buffer Overflows
()
Window location property cross-domain scripting (CVE-2008-2947)
Mozilla Firefox MathML integer overflow (CVE-2008-4061)
Internet Explorer XML nested SPAN elements memory corruption
(CVE-2008-4844)

Meb will no doubt respond to this post by frothing and spewing one
excuse after another why these tests should not be believed or taken as
evidence that Win-98 combined with old/legacy browsers are not
vulnerable to common exploitation.


Hey dimwit, the files aren't classed as nor found as malware, what
might that mean.... and of course you PERSONALLY CHECKED THOSE FILES
codings to see if they actually CHECKED anything didn't ya AND WERE NOT
malware injection stubs... okay we know you didn't, your not intelligent
enough to do so.

Were these supposedly Win9X classed, or were these... nothing... or
maybe NT only or,,, yeah let's all believe this dimwit.... smart enough
to download AND RUN some unknown files from a supposed testing site of
unknown character and unknown reliability, using just two files to test
all of the thousands of exploits and their variants.... using, gee,
maybe "proof of concept" code distributed for NT SYSTEMS.

Oh, and what happened to the KNOWN malware exploits that exist in Win9X
with IE6 [in the wild], where did they show, must have missed that group
of tests. And how about that XSS KNOWN vulnerability test for FireFox
2.0.0.20 [in the wild], and the specific tests for the vulnerabilities
in 9.0.0.6 [in the wild], did I miss those.

You are a moron.... and you did this with NO anti-malware protection,
yep yuz a brite bulb... make sure yuz tak dat computer ta work wit ya in
hook it to da buznis network....

--
MEB
http://peoplescounsel.org/ref/windows-main.htm
Windows Info, Diagnostics, Security, Networking
http://peoplescounsel.org
The "real world" of Law, Justice, and Government
___---
  #3  
Old March 4th 10, 06:29 AM posted to microsoft.public.win98.gen_discussion,microsoft.public.windowsme.general,microsoft.public.windows.inetexplorer.ie6.browser
Hot-text
External Usenet User
 
Posts: 1,026
Default On-line Browser vulnerabilty-test website: Windows 98 / IE6 / FF2.20 / Netscape 9 (pass 100%)

NO anti-malware protection why would you do that for?
you need to always run a protection on your Computer 98 Guy ,,,,,


"98 Guy" wrote in message ...
This website:

Browser Security Test
http://bcheck.scanit.be/bcheck/

Allows users to subject their computer/browser to a selection of
synthetic exploits as follows:

- user selectable tests / exploits
- test only exploits known to affect the user's particular browser
- all tests for all known exploits

There are 19 tests in total. See below for a summary of them.

I ran these tests 3 times - once against each of the installed browsers
on my win-98se system.

I did not have any AV program or any form of browser-protection program
running on my test system.

-------------
Test results
-------------

Browser name: Firefox/2.0.0.12 Navigator
Version: 9.0.0.6
Platform: Windows 98
Congratulations! The test has found no vulnerabilities in your browser!

Browser name: Firefox
Version: 2.0.0.20
Platform: Windows 98
Congratulations! The test has found no vulnerabilities in your browser!

Browser name: MSIE
Version: 6.0
Platform: Windows 98
Congratulations! The test has found no vulnerabilities in your browser!

During the IE6 test, I was asked to download / run these two files:

crashy2.xul (a small script file)
path-neg.svg (another small script file)

The second file seems to be a very old IE5/IE6 exploit, as described
he

http://www.greymagic.com/security/advisories/gm012-ie/

Neither of the above 2 files, when submitted to VirusTotal, are detected
as threats by any of the 42 AV apps hosted on that site.

Note the stats (% vulnerable browsers):

http://bcheck.scanit.be/bcheck/stats.php

------------------
Summary of tests
------------------

Windows animated cursor overflow (CVE-2007-0038) (This test may trigger
anti-virus warnings)
Mozilla crashes with evidence of memory corruption (CVE-2007-0777)
Internet Explorer bait & switch race condition (CVE-2007-3091)
Mozilla crashes with evidence of memory corruption (CVE-2007-2867)
Internet Explorer createTextRange arbitrary code execution
(CVE-2006-1359)
Windows MDAC ADODB ActiveX control invalid length (CVE-2006-5559)
Adobe Flash Player video file parsing integer overflow (CVE-2007-3456)
XMLDOM substringData() heap overflow (CVE-2007-2223)
Mozilla crashes with evidence of memory corruption (rv:1.8.1.5)
(CVE-2007-3734)
Opera JavaScript invalid pointer arbitrary code execution (CVE-2007-436)
Apple QuickTime MOV file JVTCompEncodeFrame heap overflow
(CVE-2007-2295)
Mozilla code execution via QuickTime Media-link files (CVE-2006-4965)
Mozilla crashes with evidence of memory corruption (rv:1.8.1.8) (
CVE-2007-533)
Mozilla memory corruption vulnerabilities (rv:1.8.1.10) (CVE-2007-5959)
Mozilla crashes with evidence of memory corruption (rv:1.8.1.12)
(CVE-2008-0412)
Apple QuickTime 'QTPlugin.ocx' ActiveX Control Multiple Buffer Overflows
()
Window location property cross-domain scripting (CVE-2008-2947)
Mozilla Firefox MathML integer overflow (CVE-2008-4061)
Internet Explorer XML nested SPAN elements memory corruption
(CVE-2008-4844)

Meb will no doubt respond to this post by frothing and spewing one
excuse after another why these tests should not be believed or taken as
evidence that Win-98 combined with old/legacy browsers are not
vulnerable to common exploitation.

  #4  
Old March 4th 10, 08:59 AM posted to microsoft.public.win98.gen_discussion,microsoft.public.windowsme.general,microsoft.public.windows.inetexplorer.ie6.browser
Shane[_15_]
External Usenet User
 
Posts: 4
Default On-line Browser vulnerabilty-test website: Windows 98 / IE6 / FF2.20 / Netscape 9 (pass 100%)

What I'd like to know is who brought you boring fux0rs here?
  #5  
Old March 4th 10, 12:16 PM posted to microsoft.public.win98.gen_discussion,microsoft.public.windowsme.general,microsoft.public.windows.inetexplorer.ie6.browser
Peter Foldes
External Usenet User
 
Posts: 13
Default On-line Browser vulnerabilty-test website: Windows 98 / IE6 / FF2.20 / Netscape 9 (pass 100%)

I think you forgot to add more newsgroups to you wonderful job in crossposting.

--
Peter

Please Reply to Newsgroup for the benefit of others
Requests for assistance by email can not and will not be acknowledged.

"98 Guy" wrote in message ...
This website:

Browser Security Test
http://bcheck.scanit.be/bcheck/

Allows users to subject their computer/browser to a selection of
synthetic exploits as follows:

- user selectable tests / exploits
- test only exploits known to affect the user's particular browser
- all tests for all known exploits

There are 19 tests in total. See below for a summary of them.

I ran these tests 3 times - once against each of the installed browsers
on my win-98se system.

I did not have any AV program or any form of browser-protection program
running on my test system.

-------------
Test results
-------------

Browser name: Firefox/2.0.0.12 Navigator
Version: 9.0.0.6
Platform: Windows 98
Congratulations! The test has found no vulnerabilities in your browser!

Browser name: Firefox
Version: 2.0.0.20
Platform: Windows 98
Congratulations! The test has found no vulnerabilities in your browser!

Browser name: MSIE
Version: 6.0
Platform: Windows 98
Congratulations! The test has found no vulnerabilities in your browser!

During the IE6 test, I was asked to download / run these two files:

crashy2.xul (a small script file)
path-neg.svg (another small script file)

The second file seems to be a very old IE5/IE6 exploit, as described
he

http://www.greymagic.com/security/advisories/gm012-ie/

Neither of the above 2 files, when submitted to VirusTotal, are detected
as threats by any of the 42 AV apps hosted on that site.

Note the stats (% vulnerable browsers):

http://bcheck.scanit.be/bcheck/stats.php

------------------
Summary of tests
------------------

Windows animated cursor overflow (CVE-2007-0038) (This test may trigger
anti-virus warnings)
Mozilla crashes with evidence of memory corruption (CVE-2007-0777)
Internet Explorer bait & switch race condition (CVE-2007-3091)
Mozilla crashes with evidence of memory corruption (CVE-2007-2867)
Internet Explorer createTextRange arbitrary code execution
(CVE-2006-1359)
Windows MDAC ADODB ActiveX control invalid length (CVE-2006-5559)
Adobe Flash Player video file parsing integer overflow (CVE-2007-3456)
XMLDOM substringData() heap overflow (CVE-2007-2223)
Mozilla crashes with evidence of memory corruption (rv:1.8.1.5)
(CVE-2007-3734)
Opera JavaScript invalid pointer arbitrary code execution (CVE-2007-436)
Apple QuickTime MOV file JVTCompEncodeFrame heap overflow
(CVE-2007-2295)
Mozilla code execution via QuickTime Media-link files (CVE-2006-4965)
Mozilla crashes with evidence of memory corruption (rv:1.8.1.8) (
CVE-2007-533)
Mozilla memory corruption vulnerabilities (rv:1.8.1.10) (CVE-2007-5959)
Mozilla crashes with evidence of memory corruption (rv:1.8.1.12)
(CVE-2008-0412)
Apple QuickTime 'QTPlugin.ocx' ActiveX Control Multiple Buffer Overflows
()
Window location property cross-domain scripting (CVE-2008-2947)
Mozilla Firefox MathML integer overflow (CVE-2008-4061)
Internet Explorer XML nested SPAN elements memory corruption
(CVE-2008-4844)

Meb will no doubt respond to this post by frothing and spewing one
excuse after another why these tests should not be believed or taken as
evidence that Win-98 combined with old/legacy browsers are not
vulnerable to common exploitation.

  #6  
Old March 4th 10, 02:35 PM posted to microsoft.public.win98.gen_discussion,microsoft.public.windowsme.general,microsoft.public.windows.inetexplorer.ie6.browser
98 Guy
External Usenet User
 
Posts: 2,951
Default On-line Browser vulnerabilty-test website: Windows 98 / IE6 /FF2.20 / Netscape 9 (pass 100%)

Top-Poaster Peter Foldes top-poasted:

I think you forgot to add more newsgroups to you wonderful job in
crossposting.


Thanks Peter. I know that you are in agreement with me that the
selection of groups that I posted to (win-98, win-me, and IE6) was a
very wise choice - given that this combination of OS's and browser is
arguably at the crux of what most people consider to be un-supported or
that the degree to which their compatibility with various browser
exploits is largely unknown given the focus on NT-based OS's such as XP
and above.

I know that you are in complete agreement with me (as you indicate) that
crossposting is completely normal and useful when subject matter is
applicable to several groups simultaneously.
  #7  
Old March 4th 10, 02:36 PM posted to microsoft.public.win98.gen_discussion,microsoft.public.windowsme.general,microsoft.public.windows.inetexplorer.ie6.browser
98 Guy
External Usenet User
 
Posts: 2,951
Default On-line Browser vulnerabilty-test website: Windows 98 / IE6 /FF2.20 / Netscape 9 (pass 100%)

Shane wrote:

What I'd like to know is who brought you boring fux0rs here?


And where exactly is here?
  #8  
Old March 4th 10, 05:19 PM posted to microsoft.public.win98.gen_discussion,microsoft.public.windowsme.general,microsoft.public.windows.inetexplorer.ie6.browser
webster72n
External Usenet User
 
Posts: 1,526
Default On-line Browser vulnerabilty-test website: Windows 98 / IE6 / FF2.20 / Netscape 9 (pass 100%)



"98 Guy" wrote in message ...
Shane wrote:

What I'd like to know is who brought you boring fux0rs here?


And where exactly is here?


You are in a ME newsgroup, that's 'here'.
'98 is next door, comprente? H.
  #9  
Old March 5th 10, 01:05 AM posted to microsoft.public.win98.gen_discussion,microsoft.public.windowsme.general,microsoft.public.windows.inetexplorer.ie6.browser
98 Guy
External Usenet User
 
Posts: 2,951
Default On-line Browser vulnerabilty-test website: Windows 98 / IE6 /FF2.20 / Netscape 9 (pass 100%)

webster72n wrote:

What I'd like to know is who brought you boring fux0rs here?


And where exactly is here?


You are in a ME newsgroup, that's 'here'.
'98 is next door, comprente?


Apparently you don't understand the concept of cross-posting.

You win-me people shouldn't be so beligerent. I'm surprised you people
even exist. When are you going to come back to win-98?
  #10  
Old March 5th 10, 02:50 AM posted to microsoft.public.win98.gen_discussion,microsoft.public.windowsme.general,microsoft.public.windows.inetexplorer.ie6.browser
webster72n
External Usenet User
 
Posts: 1,526
Default On-line Browser vulnerabilty-test website: Windows 98 / IE6 / FF2.20 / Netscape 9 (pass 100%)



"98 Guy" wrote in message ...
webster72n wrote:

What I'd like to know is who brought you boring fux0rs here?

And where exactly is here?


You are in a ME newsgroup, that's 'here'.
'98 is next door, comprente?


Apparently you don't understand the concept of cross-posting.

You win-me people shouldn't be so beligerent.


That describes you much better.
Here we are used to minding our own business.
Wish you would mind yours.

I'm surprised you people
even exist. When are you going to come back to win-98?


Don't hold your breath...
 




Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
On-line Browser vulnerabilty-test website: Windows 98 / IE6 / FF2.20 /Netscape 9 (pass 100%) 98 Guy General 20 March 5th 10 01:16 PM
$$$$$$God News For all How To Turn Your Dull Website into MoneyMaking Website$$$$$$ dfg General 0 December 18th 07 10:11 AM
Problem Starting Browsers IE or Netscape in Windows ME marat General 2 September 29th 04 06:24 AM
Problem Starting Browsers IE or Netscape in Windows ME marat Software & Applications 2 September 29th 04 06:24 AM
Windows ME updates off-line? Ian General 3 July 23rd 04 11:31 AM


All times are GMT +1. The time now is 08:44 AM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2018, Jelsoft Enterprises Ltd.
Copyright 2004-2018 Win98banter.
The comments are property of their posters.