lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
From: eflorio at edmaster.it (Elia Florio) Subject: Windows XP explorer.exe heap overflow > WinXP SP1 (fully patched) german is vuln to AN00010_.wmf > explorer.exe hogs 100% cpu speed. > tom I can confirm that my WinXP SP1 (ITALIAN) fully patched except for these two updates : KB832894 - MS04-004 (%01 vuln in URL string) KB828028 - MS04-007 (ASN.1 library bug) is vuln. to malformed EMF and WMF files. EXPLORER.EXE goes to 99% CPU usage during preview/rendering of malformed images. I've tried to attach a .WMF in a mail message and also Outlook Express is vuln.; when user receives an email message, OE try to display preview of images and hang up. Killing OE will not cause any problem to EXPLORER.EXE. EF