
Full Disclosure mailing list archives

BMP WMPlayer vulnerability
From: "Karma" <karma () designfolks com au>
Date: Thu, 16 Feb 2006 14:44:11 +1100

Anyone determined the offset where the heap alloc routine is located? I diffed the two wmp.dll's and they are significantly changed, I think the code is very much optimised in this release, many routines are changed. I have been tracing the mallocs and GlobalAllocs without any luck. Hoping someone is having better luck than I.

Basically, it would be great to know if 0 is the only size that causes the error and how the error is handled.

Where is the size field located in the BMP metadata?
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
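
On the last question in the message above, an added example (not part of the original post) that reads the declared size fields of a BMP at their offsets in the standard BITMAPFILEHEADER/BITMAPINFOHEADER layout and flags values that disagree with the actual file. The post does not say which field the WMP issue involves, so the check covers all of them; `check_bmp_sizes` and `make_sample` are names chosen here, and the sample bitmap is constructed.

```python
import struct

# Standard Windows BMP layout: 14-byte BITMAPFILEHEADER, then BITMAPINFOHEADER.
FILE_HDR = struct.Struct("<2sIHHI")   # bfType, bfSize, bfReserved1/2, bfOffBits
INFO_HDR = struct.Struct("<IiiHHII")  # biSize, biWidth, biHeight, biPlanes,
                                      # biBitCount, biCompression, biSizeImage

def check_bmp_sizes(data):
    """Return (fields, findings); field names carry their byte offset."""
    if len(data) < FILE_HDR.size + INFO_HDR.size or data[:2] != b"BM":
        raise ValueError("not a BMP with a BITMAPINFOHEADER")
    _, bf_size, _, _, bf_off_bits = FILE_HDR.unpack_from(data, 0)
    bi_size, width, height, _, bpp, comp, bi_size_image = INFO_HDR.unpack_from(data, 14)
    fields = {"bfSize@2": bf_size, "bfOffBits@10": bf_off_bits,
              "biSize@14": bi_size, "biSizeImage@34": bi_size_image}
    findings = []
    if bf_size != len(data):
        findings.append("bfSize %d does not match file length %d" % (bf_size, len(data)))
    if bi_size < 40:
        findings.append("biSize %d is smaller than a BITMAPINFOHEADER" % bi_size)
    if not 14 + bi_size <= bf_off_bits <= len(data):
        findings.append("bfOffBits %d points into the headers or past the file" % bf_off_bits)
    if width <= 0 or height == 0:
        findings.append("invalid dimensions %dx%d" % (width, height))
    elif comp == 0:  # BI_RGB: pixel data size follows from the dimensions
        expected = ((width * bpp + 31) // 32) * 4 * abs(height)
        if bi_size_image not in (0, expected):  # 0 is allowed for BI_RGB
            findings.append("biSizeImage %d, expected %d" % (bi_size_image, expected))
        if bf_off_bits + expected > len(data):
            findings.append("pixel data truncated")
    return fields, findings

def make_sample(declared_size=None):
    """Constructed 2x2 24-bit BMP; declared_size overrides bfSize."""
    info = INFO_HDR.pack(40, 2, 2, 1, 24, 0, 16) + bytes(16)  # rest of the 40-byte header
    pixels = bytes(16)
    total = FILE_HDR.size + len(info) + len(pixels)
    size = total if declared_size is None else declared_size
    return FILE_HDR.pack(b"BM", size, 0, 0, 54) + info + pixels

if __name__ == "__main__":
    for blob in (make_sample(), make_sample(declared_size=0)):
        print(check_bmp_sizes(blob))
```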
