lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Tue, 09 May 2006 22:27:17 +0200
From: Reversemode <advisories@...ersemode.com>
To: bugtraq@...urityfocus.com
Subject: [Reversemode] Microsoft Infotech Storage library Heap Corruption


Microsoft Infotech Storage System Library (itss.dll) is prone to a heap
corruption vulnerability. This issue is due to the failure of the
library to properly check a specially crafted CHM file.
The successful exploitation of this flaw would allow to execute
arbitrary code.

Itss.dll is the system library, which deals with CHM/ITS format.

Microsoft rates the CHM file format as potentially dangerous,similar to
an executable file. Nevertheless, this flaw is triggered just
decompiling the malicious CHM file (using hh -decompile), thus malicious
attackers could trick the user to perform this operation or even,
advanced users or researchers could try to decompile before opening it.

Microsoft plans to address this issue in the next Service Pack. Due to
this fact, users of certain Windows versions should implement their own
protection mechanism.

Advisory  and proof of concept available at www.reversemode.com

Regards,
Rubén Santamarta

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ