matrix screensvr(16 Bit CineMac Screen Saver Engine) - [input validation error?]

["knud_erik højgaard" <knudergud () hotmail com>]

Moderator, if this bug is known please reject my posting.

Disclaimer: Dont bother me if this affects you. I really dont care.

content: paranthesis hell.

Description:
'The matrix code screensaver' - created using '16 Bit CineMac Screen Saver 
Engine (avail. at www.screentime.com'(which is probably responsible for 
this) - (it scrolls nice 'matrix-like' green graphics across the screen, i 
bet you've seen it)) available at http://knudergud.dk/matrix.exe 
($crc==29B3E21A) ((and a LOT of other places) - virus clean area, i know its 
an .exe, but it was distributed this way 'cause it's an installer - perform 
tests in closed labs etc. etc.)) contains perhaps the worst error i have 
seen to date.
The program apparently performs it's own password checking instead of using 
the windows screensaver routine, god knows why. They even made it look just 
like the real thing, but its not. One word: insufficient.

'Exploit':

/* Begin:
-=souper==douper==l337==h4xx0r==0-d4y==spl0it==scriptkiddies==might==wanna==alter==this==hint==substitute=='keypress'==with==reset==button=-
*/

activate the 'ask-for-password' field in any way by performing a keypress or 
mouse movement, when the password dialog comes up press cancel and swiftly 
do anything else, like a keypress or mouse movement. Hey presto, screensaver 
gone.
/*
-=souper==douper==l337==h4xx0r==0-d4y==spl0it==scriptkiddies==might==wanna==alter==this==hint==substitute=='keypress'==with==reset==button=-
:end */

thought:
I had some thoughts on this, but i forgot them. Someone else might care to 
elaborate this, and someone might even have a copy of the CineMac Screen 
Saver Engine available for testing.

/*upon redistribution of this please keep the facts straight.*/

the matrix has you.. yeah.


_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp