[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] [Code-Crunchers] windows vulnerability? [was: Re: 137 bytes]

To: <full-disclosure@xxxxxxxxxxxxxxxxx>
Subject: Re: [Full-disclosure] [Code-Crunchers] windows vulnerability? [was: Re: 137 bytes]
From: "Peter Ferrie" <pferrie@xxxxxxxxxxxx>
Date: Wed, 8 Nov 2006 10:16:18 -0800

> Using the PE as a vector to attack the PE loader with
> (potential!) code execution for privilage esclation.
> Using the PE itself as a vector of attack.

I made a malformed PE file that caused a BSOD in all Windows
versions, including XP SP1.  99 bytes. :-)
I don't know if it was exploitable, and Microsoft said "it's
not a vulnerability", but then they silently fixed it.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- Re: [Full-disclosure] [Code-Crunchers] windows vulnerability? [was: Re: 137 bytes]
  - From: Gadi Evron

Prev by Date: [Full-disclosure] TSRT-06-13: HP OpenView Client Configuration Manager Device Code Execution Vulnerability
Next by Date: Re: [Full-disclosure] [Code-Crunchers] windows vulnerability? [was: Re: 137 bytes]
Previous by thread: Re: [Full-disclosure] [Code-Crunchers] windows vulnerability? [was: Re: 137 bytes]
Next by thread: [Full-disclosure] Cisco Security Advisory: Multiple Vulnerabilities in Cisco Secure Desktop
Index(es):
- Date
- Thread