| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 42838 | 2004-02-24 05:12:00 | Another Windows Flaw | mark.p (383) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 217793 | 2004-02-24 05:12:00 | For those interested- A malformed .emf (Enhanced Metafile, a graphics format) file can cause an exploitable heap overflow in (or near) shimgvw.dll. To exploit this flaw (in explorer), simply place a malformed (invalid "size" field) .emf file in any directory, open explorer to that path, and view as Thumbnails. Bang. In it's simplest form it's a DOS - it affects all explorer windows, including File Open dialogs for many programs. Arbitrary code execution. |
mark.p (383) | ||
| 217794 | 2004-02-24 09:01:00 | So how do you make a file have an "invalid size field"? ;-) |
Chilling_Silently (228) | ||
| 1 | |||||