mailing list archives
BMP WMPlayer vulnerability
From: "Karma" <karma () designfolks com au>
Date: Thu, 16 Feb 2006 14:44:11 +1100
Anyone determined the offset where the heap alloc routine is located ? I diffed the two wmp.dll's and they are
significantly changed, I think the code is very much optimised in this release, many routines are changed. I have been
tracing the mallocs and GlobalAllocs without any luck. Hoping someone is having better luck than I.
Basically, it would be great to know if 0 is the only size that causes the error and how the error is handled.
Where is the size field located in the BMP metadata ?
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/
- BMP WMPlayer vulnerability Karma (Feb 16)