Re: [VulnWatch] Microsoft Windows Vista Slideshow Unspecified Blue Screen Of Death Vulnerability

To: Micha³ Majchrowicz <mmajchrowicz@xxxxxxxxx>
Subject: Re: [VulnWatch] Microsoft Windows Vista Slideshow Unspecified Blue Screen Of Death Vulnerability
From: 3APA3A <3APA3A@xxxxxxxxxxxxxxxx>
Date: Thu, 29 Mar 2007 12:07:28 +0400
Cc: vulndiscuss@xxxxxxxxxxxxx, vulnwatch@xxxxxxxxxxxxx, bugtraq@xxxxxxxxxxxxxxxxx
In-reply-to: <3d3168e50703251320l10be5660g37de0ea125af4505@xxxxxxxxxxxxxx>
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
Organization: http://www.security.nnov.ru
References: <3d3168e50703251320l10be5660g37de0ea125af4505@xxxxxxxxxxxxxx>
Reply-to: 3APA3A <3APA3A@xxxxxxxxxxxxxxxx>

Dear Micha³ Majchrowicz,

This  image  also effectively exploits stack overflow in FastStone Image
Viewer 2.8, EIP is 0x41414141.

--Monday, March 26, 2007, 12:20:07 AM, you wrote to vulndiscuss@xxxxxxxxxxxxx:

MM> Everytime  you  try  to turn on the slideshow with a JPG file in the
MM> folder                  you                 get                 BSoD
MM> (http://sectroyer.110mb.com/vuln/vista_bsod.jpg). You can test it by
MM> turning    on    the   slideshow   in   the   following   directory:
MM> c:Windows\Web\Wallpaper\  Since  this  case  cannot  be connect with


-- 
~/ZARAZA http://securityvulns.com/
Ïàòðèîòèçì - ýòî òà æå ðåëèãèÿ. (Òâåí)

Prev by Date: rPSA-2007-0061-1 inkscape
Next by Date: Re: Bypass phishing protection in Firefox / Opera
Previous by thread: rPSA-2007-0061-1 inkscape
Next by thread: Xoops Module Friendfinder <= 3.3 (view.php id) BLIND SQL Injection Exploit
Index(es):
- Date
- Thread