Message-ID: <cacf93c50809100207v7303bf6ck5e7b2a55d5269511@mail.gmail.com>
Date: Wed, 10 Sep 2008 11:07:31 +0200
From: "Ivan Fratric" <ifsecure@...il.com>
To: bugtraq@...urityfocus.com
Subject: Windows GDI+ GIF memory corruption

There is a memory corruption vulnerability with GIF file processing in
Microsoft GDI+ that can be used to crash a vulnerable application and
potentially execute arbitrary code.

###################
#The vulnerability#
###################

The vulnerability is caused due to improper handling of graphic control
extension when processing malformed GIF files. The vulnerability can be
triggered if a large number of extension markers (0x21) followed by
unknown labels is found when processing a GIF file.

########
#Impact#
########

This vulnerability can be used to corrupt memory of any application
utilizing GDI+ for GIF file decoding if it is used to open a malformed
GIF file. This could lead to code execution with the privileges of the
user running the vulnerable application.

############
#References#
############

http://ifsec.blogspot.com/2008/09/windows-gdi-gif-memory-corruption.html
http://www.zerodayinitiative.com/advisories/ZDI-08-056/
http://www.microsoft.com/technet/security/bulletin/ms08-052.mspx
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3013
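
A pre-screening check for the condition described above, as an added example that is not part of the original advisory: it walks the GIF block structure and counts extension introducers (0x21) followed by labels outside the four that GIF89a defines. The function names, the max_unknown threshold and the sample bytes are assumptions constructed for illustration.

```python
# Extension labels defined by GIF89a: plain text, graphic control, comment, application.
KNOWN_LABELS = {0x01, 0xF9, 0xFE, 0xFF}

class GifFormatError(ValueError):
    """The block structure could not be walked to the trailer."""

def _skip_sub_blocks(data, pos):
    while pos < len(data):  # length-prefixed chain, a zero length terminates it
        size = data[pos]
        pos += 1 + size
        if size == 0:
            return pos
    raise GifFormatError("truncated sub-block chain")

def _color_table_len(packed):
    # Bit 7: table present; low 3 bits n: 2**(n+1) RGB entries.
    return 3 * (2 << (packed & 7)) if packed & 0x80 else 0

def count_extensions(data):
    """Return (known, unknown) extension block counts for a GIF byte string."""
    if len(data) < 13 or data[:6] not in (b"GIF87a", b"GIF89a"):
        raise GifFormatError("missing GIF header")
    pos = 13 + _color_table_len(data[10])  # header + logical screen descriptor
    known = unknown = 0
    while pos < len(data):
        intro = data[pos]
        if intro == 0x3B:  # trailer
            return known, unknown
        if intro == 0x21 and pos + 1 < len(data):  # extension introducer + label
            known += data[pos + 1] in KNOWN_LABELS
            unknown += data[pos + 1] not in KNOWN_LABELS
            pos = _skip_sub_blocks(data, pos + 2)
        elif intro == 0x2C and pos + 10 <= len(data):  # image descriptor
            pos += 10 + _color_table_len(data[pos + 9])
            pos = _skip_sub_blocks(data, pos + 1)  # +1 skips LZW min code size
        else:
            raise GifFormatError("unexpected byte at offset %d" % pos)
    raise GifFormatError("no trailer")

def should_quarantine(data, max_unknown=8):
    # max_unknown is an assumed policy threshold, not a value from the advisory.
    try:
        return count_extensions(data)[1] > max_unknown
    except GifFormatError:
        return True  # fail closed on files the walker cannot parse

# Constructed samples: 1x1 GIF with one graphic control extension.
_PRE = b"GIF89a\x01\x00\x01\x00\x00\x00\x00" + b"\x21\xF9\x04\x00\x00\x00\x00\x00"
_IMG = b"\x2C\x00\x00\x00\x00\x01\x00\x01\x00\x00\x02\x02\x4C\x01\x00\x3B"
CLEAN_GIF = _PRE + _IMG
ODD_GIF = _PRE + b"\x21\xAB\x01\x00\x00" * 3 + _IMG  # three unknown-label blocks
```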