lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list]
Message-Id: <20100115154116.7D7B7B00B6@smtp.hushmail.com>
Date: Fri, 15 Jan 2010 16:41:16 +0100
From: auto489361@...hmail.com
To: full-disclosure@...ts.grok.org.uk
Subject: avi crashes explorer.exe if samsung pc studio
	fun_avcodec.dll present

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Attached 192 bytes long 192.avi file crashes explorer.exe if
fun_avcodec.dll is present in system.

fun_avcodec.dll is installed (at least) with samsung pc studio
software for samsung mobile phones.

Tested with win xp sp3. Install samsung pc studio 3.x, open folder
with 192.avi, explorer.exe crashes.

AppName: explorer.exe AppVer: 6.0.2900.5512 ModName: fun_avcodec.dll
ModVer: 0.0.0.0 Offset: 0000301a

Example path to .dll:
C:\Program Files\Samsung\Samsung PC Studio 3\fun_avcodec.dll

Rename fun_avcodec.dll to fun_avcodec.XXX or similar to avoid crash.

No idea if this is not a real problem (for samsung pc studio users)
or if it can be exploited any further. Try and find out...
-----BEGIN PGP SIGNATURE-----
Charset: UTF8
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 3.0

wpwEAQMCAAYFAktQjJwACgkQHhsUKXCg1Haz0gP9HuHhtbaD9J1wkSiGbhUOyhfQueUh
10v4efxgLj/Dw4iX07G27YAdTPJGg//Zt4oGY2N/fKF00Ab/tgfkGotNWLiD6W7RtTdW
tykkM6Z6ahsar1k7phXb4qDr5Mw8xshE3GL3TNL+f7AoD62fjJuNSQm96FEztsO1vKlg
hafW9DU=
=YkJz
-----END PGP SIGNATURE-----

Download attachment "192.zip" of type "binary/octet-stream" (535 bytes)

View attachment "192.zip.sig" of type "text/plain" (308 bytes)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ