mailing list archives
RE: Re: [ GLSA 200601-09 ] Wine:Windows MetafileSETABORTPROC vulnerability
From: "Peter Ferrie" <pferrie () symantec com>
Date: Fri, 13 Jan 2006 14:17:02 -0800
Can anyone else verify Steve Gibson's assertion that this
flaw was intentionally placed by Microsoft programmers?
It's insecure-by-design, but it's working exactly as written.
It's been in there for _15_ years, and ported to every version of Windows.
Windows 3.0 supports it. :-/
The way I read what he's saying there, he's saying that you enter
malformed input and that malformed input pushes the executable code into
position to be executed...
There is no need for malformed input, though.
The description isn't great, since upon return from the function, Windows
will resume parsing the records in the usual way.
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/