[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [Full-disclosure] PoC for the 2 new WMF vulnerabilities (DoS)
- To: <full-disclosure@xxxxxxxxxxxxxxxxx>
- Subject: RE: [Full-disclosure] PoC for the 2 new WMF vulnerabilities (DoS)
- From: "Michael Bringle" <mbringle@xxxxxxxx>
- Date: Mon, 9 Jan 2006 16:10:34 -0800
Yes, I just tested and our PreEmpt product also protects against
those since December 7th. It is quite scary that the MS patches don't
because of how simple this would have been to stop. Don't they check
the command to be run against the set of valid commands? Well I guess
that answer to that is no. Maybe third time is a charm! BTW thanks for
the PoC links.
Michael Bringle
Director of Engineering
PivX Solutions, Inc.
http://www.pivx.com/HomeOffice/
-----Original Message-----
From: full-disclosure-bounces@xxxxxxxxxxxxxxxxx
[mailto:full-disclosure-bounces@xxxxxxxxxxxxxxxxx] On Behalf Of Andrey
Bayora
Sent: Monday, January 09, 2006 2:35 PM
To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: [Full-disclosure] PoC for the 2 new WMF vulnerabilities (DoS)
Hello list,
In case, someone interested:
Here is the PoC for the 2 new WMF vulnerabilities discovered by
cocoruder
(http://ruder.cdut.net) and does not covered by MS06-001.
You can download WMF images at:
http://www.securityelf.org/files/WMF-DoS.rar
Regards,
Andrey.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/