| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <12E557CB77632E4B8ECFD605C518C12B3DA2F8@dm-mail.dm.local> From: cmacfarlane at Drummond-Miller.co.uk (Cassidy Macfarlane) Subject: GDIPLUS VULN - MS04-028 - CRASH TEST JPEG I found this almost exactly two years ago. http://www.securityfocus.com/archive/82/290856 I did not put much dev effort into it at the time, but it has been around for a while...... I'm just glad they sneaked the patch into SP2. I remember thinking at the time - 'hrm, if I wrote some shellcode to overwrite system mem, then I could have a .jpg that could TAKE OVER THE WORLD' I'm regretting not putting my full efforts in to this...can you tell? -----Original Message----- From: Elia Florio [mailto:eflorio@...aster.it] Sent: 15 September 2004 14:15 To: full-disclosure@...ts.netsys.com Subject: [Full-Disclosure] GDIPLUS VULN - MS04-028 - CRASH TEST JPEG Hi list, this is the JPEG able to reproduce the crash reported in the bullettin MS04-028. http://www.microsoft.com/technet/security/bulletin/ms04-028.mspx Look at FFFE0001 or FFFE0000 signature in the JFIF header. Tested on Windows XP Prof SP1 [gdiplus.dll ver 5.1.3097.0] [eflorio] ________________________________________________ Messaggio inviato da Edizioni Master Webmail http://mbox.edmaster.it _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists