[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

SV: [Full-Disclosure] Sans GDI scan says still vulnerable after patching

To: "BillyBobKnob" <billybobknob@xxxxxxxxxxx>, "Full Disclosure" <full-disclosure@xxxxxxxxxxxxxxxx>
Subject: SV: [Full-Disclosure] Sans GDI scan says still vulnerable after patching
From: "Peter Kruse" <kruse@xxxxxxxxxxxxxxxx>
Date: Wed, 6 Oct 2004 18:30:38 +0200

Hi Billy,

Copy your updated gdiplus.dll file and overwrite the vulnerable DLL's.
Please note that this procedure might provent third part software from
working proberly.

>F:\WINDOWS\system32\dllcache\sxs.dll

See: http://support.microsoft.com/?kbid=236995

>F:\WINDOWS\system32\sxs.dll

This usally occurs when third part software is installed on the system.
Their DLL's might be based upon the vulnerable version from MS. You shold
make a backup of the vulnerable DLL's and overwite them with the new patched
version. If this doesn't give any problems, with any other software you've
installed, you can always delete the backup.

Regards
Peter Kruse
http://www.csis.dk


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- [Full-Disclosure] Sans GDI scan says still vulnerable after patching
  - From: BillyBobKnob

Prev by Date: RE: [Full-Disclosure] Sans GDI scan says still vulnerable after patching
Next by Date: [Full-Disclosure] Dominos web access testing
Previous by thread: RE: [Full-Disclosure] Sans GDI scan says still vulnerable after patching
Next by thread: RE: [Full-Disclosure] Sans GDI scan says still vulnerable after patching
Index(es):
- Date
- Thread