[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <00be01c3fb76$cdf516d0$0300000a@Accenture.com>
From: eflorio at edmaster.it (Elia Florio)
Subject: Windows XP explorer.exe heap overflow
> WinXP SP1 (fully patched) german is vuln to AN00010_.wmf
> explorer.exe hogs 100% cpu speed.
> tom
I can confirm that my WinXP SP1 (ITALIAN) fully patched
except for these two updates :
KB832894 - MS04-004 (%01 vuln in URL string)
KB828028 - MS04-007 (ASN.1 library bug)
is vuln. to malformed EMF and WMF files.
EXPLORER.EXE goes to 99% CPU usage during preview/rendering of malformed
images.
I've tried to attach a .WMF in a mail message and also Outlook Express
is vuln.; when user receives an email message, OE try to display preview of
images and hang up. Killing OE will not cause any problem to EXPLORER.EXE.
EF
Powered by blists - more mailing lists