| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <444121CD.5000208@redsand.net> Date: Sat Apr 15 17:41:57 2006 From: redsand at redsand.net (redsand) Subject: info about recent Ms issue damn.. contex += 1; -redsand c0ntex wrote: > On 14/04/06, ad@...poverflow.com <ad@...poverflow.com> wrote: > >> this is not a vulnerability for MS because the .hlp file is a script >> file and they believe that's not secured at all, c0ntex just posted a >> fresh advisory of something wich has been found years ago, disclosed >> hundred of times, but he looks to have time to loose. >> > > Where is the "heap overflow" in Windows Help that has been discussed > thousands of times? I never once discussed the scriptable issue with > .hlp files because that is not my interest, my interest is in > manipulating process execution by overwriting memory. > > Your english is good enough to talk bollox but obviously not good > enough to read. > > Anyway, 4 more Windows heap overflows coming on their way just > awaiting your criticism :-) > > -- > > regards > c0ntex > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ >
Powered by blists - more mailing lists