[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-Disclosure] RE: Unchecked buffer in mstask.dll

To: bugtraq@xxxxxxxxxxxxxxxxx, full-disclosure@xxxxxxxxxxxxxxxx, tlarholm@xxxxxxxx
Subject: [Full-Disclosure] RE: Unchecked buffer in mstask.dll
From: psz@xxxxxxxxxxxxxxxxx (Paul Szabo)
Date: Thu, 15 Jul 2004 09:50:17 +1000 (EST)

Thor wrote about IconHandler starting mstask. Are there any other dangerous
IconHandler entries: is there a way we can reassure ourselves that the
others are safe?

Being curious, on Win2k, I copied cmd.exe (from winnt\system32) as xyz.pif;
then (right-click) Properties, Program crashes explorer. Is this related to
IconHandler, and is it exploitable?

Cheers,

Paul Szabo - psz@xxxxxxxxxxxxxxxxx  http://www.maths.usyd.edu.au:8000/u/psz/
School of Mathematics and Statistics  University of Sydney   2006  Australia

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- Re: [Full-Disclosure] RE: Unchecked buffer in mstask.dll
  - From: Jordan Cole (stilist)
- [Full-Disclosure] RE: Unchecked buffer in mstask.dll
  - From: Dmitry Yu. Bolkhovityanov

Prev by Date: [Full-Disclosure] MDKSA-2004:070 - Updated freeswan and super-freeswan packages fix certificate chain authentication vulnerability
Next by Date: [Full-Disclosure] MDKSA-2004:068 - Updated php packages fix multiple vulnerabilities
Previous by thread: [Full-Disclosure] RE: Unchecked buffer in mstask.dll
Next by thread: Re: [Full-Disclosure] RE: Unchecked buffer in mstask.dll
Index(es):
- Date
- Thread