[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] info about recent Ms issue

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: Re: [Full-disclosure] info about recent Ms issue
From: c0ntex <c0ntexb@xxxxxxxxx>
Date: Sat, 15 Apr 2006 10:49:56 +0100

On 14/04/06, ad@xxxxxxxxxxxxxxxx <ad@xxxxxxxxxxxxxxxx> wrote:
> this is not a vulnerability for MS because the .hlp file is a script
> file and they believe that's not secured at all, c0ntex just posted a
> fresh advisory of something wich has been found years ago, disclosed
> hundred of times, but he looks to have time to loose.

Where is the "heap overflow" in Windows Help that has been discussed
thousands of times? I never once discussed the scriptable issue with
.hlp files because that is not my interest, my interest is in
manipulating process execution by overwriting memory.

Your english is good enough to talk bollox but obviously not good
enough to read.

Anyway, 4 more Windows heap overflows coming on their way just
awaiting your criticism  :-)

--

regards
c0ntex

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] info about recent Ms issue
  - From: redsand

References:
- [Full-disclosure] info about recent Ms issue
  - From: snowmo
- Re: [Full-disclosure] info about recent Ms issue
  - From: ad@xxxxxxxxxxxxxxxx

Prev by Date: Re: [Full-disclosure] MySpace or Montspace?
Next by Date: [Full-disclosure] Manila.userland.com XSS'able
Previous by thread: Re: [Full-disclosure] info about recent Ms issue
Next by thread: Re: [Full-disclosure] info about recent Ms issue
Index(es):
- Date
- Thread