Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

REWMF Risk Analysis for Win9X anyone ?
From: "Peter Ferrie" <pferrie () symantec com>
Date: Fri, 6 Jan 2006 08:49:22 -0800

Did anyone conduct a compreensive risk analysis of the WMF vulnerability
for Win9X/ME systems ? ISC analysis is very ambiguous, and MS position
on the issue is more on the lines of "we don't want to be bothered".

What ARE the real risks (or lack of them) for Win9X/ME systems ?
 
The same as for Windows NT and 2000 - files without the placeable header will not display automatically in applications 
such as Internet Explorer, and files with the placeable header are not allowed to call the vulnerable function.
However, applications other than Internet Explorer, which do recognise files without the placeable header, can call 
directly into the GDI!PlayMetaFile() function, which will eventually call into the vulnerable function.
 
8^) p.
 
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault