Re: CORRECTION: EXPL0it FIXED :JPG PoC denial of service exploit by CrazyAngel

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: CORRECTION: EXPL0it FIXED :JPG PoC denial of service exploit by CrazyAngel
From: ifsecure@xxxxxxxxx
Date: 7 Aug 2007 12:57:30 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

Actually, this is not a jpg file. Although the exploit image is named as .jpg, 
its format is consistent with the windows metafile format, not the jpeg. It is 
already well known that there are unpatched bugs in wmf file processing in 
Windows which can crash the viewing application.

The same goes for recently published 'MS Windows Explorer.exe Gif Image Denial 
of Service Exploit'.

Prev by Date: Re: [Full-disclosure] Konqueror: URL address bar spoofing vulnerabilities
Next by Date: Re: Konqueror: URL address bar spoofing vulnerabilities
Previous by thread: CORRECTION: EXPL0it FIXED :JPG PoC denial of service exploit by CrazyAngel
Next by thread: [security bulletin] HPSBMA02250 SSRT061275 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Execution of Arbitrary Code and Denial of Service (DoS)
Index(es):
- Date
- Thread