lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <00be01c3fb76$cdf516d0$0300000a@Accenture.com>
From: eflorio at edmaster.it (Elia Florio)
Subject: Windows XP explorer.exe heap overflow

> WinXP SP1 (fully patched) german is vuln to AN00010_.wmf
> explorer.exe hogs 100% cpu speed.
> tom

I can confirm that my WinXP SP1 (ITALIAN) fully patched
except for these two updates :

    KB832894 - MS04-004 (%01 vuln in URL string)
    KB828028 - MS04-007 (ASN.1 library bug)

is vuln. to malformed EMF and WMF files.

EXPLORER.EXE goes to 99% CPU usage during preview/rendering of malformed
images.

I've tried to attach a .WMF in a mail message and also Outlook Express
is vuln.; when user receives an email message, OE try to display preview of
images and hang up. Killing OE will not cause any problem to EXPLORER.EXE.

EF


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ