Home page logo

fulldisclosure logo Full Disclosure mailing list archives

silly little Explorer XP DoS
From: Peter Ferrie <pferrie () symantec com>
Date: Mon, 15 Mar 2004 13:40:59 -0800

Background: Windows Explorer for Windows XP will automatically parse
.WMF files for validity when browsing the directory that contains them.
No need to click on anything at all.

Bug: GDI32!SetMetaFileBitsEx (which does the parsing) does not check
for records of zero length, resulting in an infinite loop when one is
encountered, and making the system very slow.

Demo: can be done in 24 bytes.  Very silly.

Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
  • silly little Explorer XP DoS Peter Ferrie (Mar 15)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]