[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE[Full-disclosure] WMF Risk Analysis for Win9X anyone ?

To: <full-disclosure@xxxxxxxxxxxxxxxxx>
Subject: RE[Full-disclosure] WMF Risk Analysis for Win9X anyone ?
From: "Peter Ferrie" <pferrie@xxxxxxxxxxxx>
Date: Fri, 6 Jan 2006 08:49:22 -0800

>Did anyone conduct a compreensive risk analysis of the WMF vulnerability
>for Win9X/ME systems ? ISC analysis is very ambiguous, and MS position
>on the issue is more on the lines of "we don't want to be bothered".
>
>What ARE the real risks (or lack of them) for Win9X/ME systems ?
 
The same as for Windows NT and 2000 - files without the placeable header will 
not display automatically in applications such as Internet Explorer, and files 
with the placeable header are not allowed to call the vulnerable function.
However, applications other than Internet Explorer, which do recognise files 
without the placeable header, can call directly into the GDI!PlayMetaFile() 
function, which will eventually call into the vulnerable function.
 
8^) p.
 
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: RE[Full-disclosure] WMF Risk Analysis for Win9X anyone ?
  - From: Technica Forensis

References:
- [Full-disclosure] WMF Risk Analysis for Win9X anyone ?
  - From: Rodrigo Barbosa

Prev by Date: Re: [Full-disclosure] Re: what we REALLY learned from WMF
Next by Date: Re: [Full-disclosure] WMFs blocked with MIME
Previous by thread: [Full-disclosure] WMF Risk Analysis for Win9X anyone ?
Next by thread: Re: RE[Full-disclosure] WMF Risk Analysis for Win9X anyone ?
Index(es):
- Date
- Thread