<<< Date Index >>>     <<< Thread Index >>>

WMF Exploit



I apologize if this information has already been posted; I haven?t been able to 
read all the posts today. Many of the exploit descriptions that I?ve seen 
reference .WMF files. Like prior GDI exploits, this isn?t strictly true. If the 
exploit file is named with another graphics extension (i.e. .gif, .jpg, .png, 
.tif), the GDI library will still read it correctly as a WMF file and execute 
the exploit. As a result, all common graphics files can carry the exploit.

David Byrne