Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Vulnerability Development: Re: Re: GDI+ and Internet Explorer question

Re: Re: GDI+ and Internet Explorer question

From: <gljuposti_at_gmail.com>
Date: 12 Jun 2007 13:33:43 -0000
('binary' encoding is not supported, stored as-is) Thanks! Nice trick with renaming to metafile. Though I noticed it doesn't work with most image formats (for example bmp, gif and jpg are also opened in IE after renaming). Is there also a way to force these to be opened with GDI+ remotely?
Another question, does anyone know if IE image decoders use some standard components? For example, does it use IJG JPEG library for JPEG format, libpng for PNG format or something similar? Or new decoders were written for IE only?

> IE has its own image decoders for many image
> types (jpeg, ico, etc). You can trigger this
> bug remotely by renaming your .ico to .emf
> or .wmf, which forces it be opened by the
> Picture and Fax Viewer using GDI+.
Received on Jun 12 2007

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos