Full Disclosure mailing list archives
Re: Windows XP explorer.exe heap overflow
From: "Elia Florio" <eflorio () edmaster it>
Date: Wed, 25 Feb 2004 09:10:15 +0100
WinXP SP1 (fully patched) german is vuln to AN00010_.wmf explorer.exe hogs 100% cpu speed. tom
I can confirm that my WinXP SP1 (ITALIAN) fully patched
except for these two updates :
KB832894 - MS04-004 (%01 vuln in URL string)
KB828028 - MS04-007 (ASN.1 library bug)
is vuln. to malformed EMF and WMF files.
EXPLORER.EXE goes to 99% CPU usage during preview/rendering of malformed
images.
I've tried to attach a .WMF in a mail message and also Outlook Express
is vuln.; when user receives an email message, OE try to display preview of
images and hang up. Killing OE will not cause any problem to EXPLORER.EXE.
EF
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: Windows XP explorer.exe heap overflow Tom Koehler (Feb 24)
- Re: Windows XP explorer.exe heap overflow Elia Florio (Feb 25)
- RE: Windows XP explorer.exe heap overflow Aditya, ALD [Aditya Lalit Deshmukh] (Feb 27)
- Re: Windows XP explorer.exe heap overflow Elia Florio (Feb 25)
