[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-Disclosure] MS04-032 Exploit for Microsoft Windows Metafile (.emf) Heap Overflow

To: full-disclosure@xxxxxxxxxxxxxxxx
Subject: [Full-Disclosure] MS04-032 Exploit for Microsoft Windows Metafile (.emf) Heap Overflow
From: Stephen Jimson <alf1num3rik@xxxxxxxxx>
Date: Wed, 20 Oct 2004 11:26:36 -0700 (PDT)

Microsoft Windows Metafile (.emf) Heap Overflow
Exploit (MS04-032)

http://www.k-otik.com/exploits/20041020.HOD-ms04032-emf-expl2.c.php

 * The vulnerability will be triggered by either
viewing a malicious 
 * file or by navigating to a directory, which
contains a malicious 
 * file and displays it as a thumbnail. 
 * 
 * Graphics Rendering Engine Vulnerability -
CAN-2004-0209 
 *
-------------------------------------------------------------------

 * Tested on: 
 *    - Internet Explorer 6.0 (SP1) (iexplore.exe) 
 *    - Explorer (explorer.exe) 
 *    - Windows XP SP1 




                
__________________________________
Do you Yahoo!?
Yahoo! Mail Address AutoComplete - You start. We finish.
http://promotions.yahoo.com/new_mail 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Prev by Date: Re: [Full-Disclosure] RE: How to Break Windows XP SP2 + Internet Explorer 6 SP2
Next by Date: Re: [Full-Disclosure] interesting trojan found
Previous by thread: [Full-Disclosure] WMF/EMF exploit in cooperation with outlook CID: stuff
Next by thread: [Full-Disclosure] Re: Mozilla crashes
Index(es):
- Date
- Thread