|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
[Full-Disclosure] silly little Explorer XP DoS
From: Peter Ferrie (pferrie
symantec.com)
Date: Mon Mar 15 2004 - 15:40:59 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Background: Windows Explorer for Windows XP will automatically parse
.WMF files for validity when browsing the directory that contains them.
No need to click on anything at all.
Bug: GDI32!SetMetaFileBitsEx (which does the parsing) does not check
for records of zero length, resulting in an infinite loop when one is
encountered, and making the system very slow.
Demo: can be done in 24 bytes. Very silly.
--
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]