Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Few unreported vulnerabilities by SehaTo
From: 3APA3A <3APA3A () security nnov ru>
Date: Sun, 25 Feb 2007 19:12:08 +0300

Hello lists,

 SehaTo  (sehato at yandex ru) reported few vulnerabilities in different
 Windows  applications.  Original  messages (in Russian) may be found at

 1. Microsoft Windows Explorer corrupted WMF vulnerability

 Windows   explorer  (explorer.exe)  crashes  on  browsing  folder  with
 corrupted WMF files.

 SecurityVulns  note:  from  the very fast debugging results analysis on
 Windows  XP  SP2, there is potential code execution possibility (memory
 corruption),  because  attacker-controllable  data  is used to contruct
 both  read  and write memory addresses. Deeper research of exploitation
 possibility was not performed.

 2. IfranView / Microsoft Office 2003 malformed WMF crash

 IfranView  crashes  on  attempt to view malformed WMF, Microsoft Office
 crashes on attempt to insert corrupted WMF file.

 SecurityVulns note: because of relatively low impact, SecurityVulns did
 no research on this vulnerability.

 3. 2 different Microsoft Excel DoS conditions

 2 different crashes in Microsoft Excel on parsing .XLS files (corrupted
 XML and corrupted XLS formats).

 SecurityVulns  note: vulnerabilities confirmed on Microsoft Excel 2003.
 Both   vulnerabilities  are  of  NULL-pointer  dereference  type.  Code
 execution is probably impossible.


Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
  • Few unreported vulnerabilities by SehaTo 3APA3A (Feb 25)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]