Re: iDEFENSE Security Advisory 04.12.05: Microsoft Windows CSRSS.EXE Stack Overflow Vulnerability

[monu () rootshell be]

Hello,

Beside the buffer overflow vulnerability, a DoS vulnerability is motioned as a result of a CONSOLE_STATE_INFO struct 
containing all zero's (divide-by-zero).

Is this vulnerability also fixed MS05-018? MS05-018 doesn't say a word about it.

Thanks in advance,

-Monu

[This mail has been send from http://www.rootshell.be.]

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/