[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [Full-disclosure] PoC for the 2 new WMF vulnerabilities (DoS)
- To: <full-disclosure@xxxxxxxxxxxxxxxxx>
- Subject: RE: [Full-disclosure] PoC for the 2 new WMF vulnerabilities (DoS)
- From: "Edward Pearson" <Ed@xxxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 10 Jan 2006 14:32:13 -0000
As far as I can tell this isn't exploitable, can I get a second on that?
________________________________
From: full-disclosure-bounces@xxxxxxxxxxxxxxxxx
[mailto:full-disclosure-bounces@xxxxxxxxxxxxxxxxx] On Behalf Of Drew
Masters
Sent: 10 January 2006 12:20
To: Andrey Bayora
Cc: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: Re: [Full-disclosure] PoC for the 2 new WMF vulnerabilities
(DoS)
Not sure if it's been previously mentioned...
It's possible to cause similiar crashes by making a malformed call to
startdoc instead of setabortproc with 64bytes of garbage data.
Cheers
Drew
On 09/01/06, Andrey Bayora <andrey@xxxxxxxxxxxxxxx> wrote:
Hello list,
In case, someone interested:
Here is the PoC for the 2 new WMF vulnerabilities discovered by
cocoruder
(http://ruder.cdut.net) and does not covered by MS06-001.
You can download WMF images at:
http://www.securityelf.org/files/WMF-DoS.rar
Regards,
Andrey.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/