| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 30 Mar 2007 15:46:44 +0200 From: "Michal Majchrowicz" <m.majchrowicz@...il.com> To: bugtraq@...urityfocus.com, full-disclosure@...ts.grok.org.uk Subject: Microsoft Windows Vista Slideshow Unspecified Blue Screen Of Death Vulnerability It seems that Vista has some problems with ATI drivers. It was already reported that file atikmdag.sys can cause BSoD after leaving the game (http://leovilletownsquare.com/fusionbb/showtopic.php?tid/17600/ ). Today user with nickname Olo contacted my and by making some tests we where able to determine that there are more problems with this driver and Vista. We where using this configuration: http://sectroyer.110mb.com/vuln/hardware.jpg Everytime you try to turn on the slideshow with a JPG file in the folder you get BSoD (http://sectroyer.110mb.com/vuln/vista_bsod.jpg ). You can test it by turning on the slideshow in the following directory: c:Windows\Web\Wallpaper\ Since this case cannot be connect with 2d-3d mode changes it seems that there is some vulnerability directly in Windows Vista which cause this BSoD in atikmdag.sys (ATI Kernel Driver). This vulnerability can be used as a DoS but Code Execution haven't been confirmed or denied. Regards Michael Majchrowicz. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists