Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Full Disclosure: RE WMF Risk Analysis for Win9X anyone ?

RE WMF Risk Analysis for Win9X anyone ?

From: Peter Ferrie <pferrie_at_symantec.com>
Date: Fri, 6 Jan 2006 08:49:22 -0800

>Did anyone conduct a compreensive risk analysis of the WMF vulnerability
>for Win9X/ME systems ? ISC analysis is very ambiguous, and MS position
>on the issue is more on the lines of "we don't want to be bothered".
>
>What ARE the real risks (or lack of them) for Win9X/ME systems ?
 
The same as for Windows NT and 2000 - files without the placeable header will not display automatically in applications such as Internet Explorer, and files with the placeable header are not allowed to call the vulnerable function.
However, applications other than Internet Explorer, which do recognise files without the placeable header, can call directly into the GDI!PlayMetaFile() function, which will eventually call into the vulnerable function.
 
8^) p.
 
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Received on Jan 06 2006

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]