RE: AOL AIM Instant Messenger Buddy Icon "ateimg32.dll" DoS

[<auto447062 () hushmail com>]

> ...The vulnerability exists within the GIF parser in 
"ateimg32.dll"...

Tests:
1. W2k - all updates, logged in w/admin rights.
- Opening in Adobe Photoshop 5.5 (most standard plain vanilla 
graphic parsers, I believe) - Photoshop hung without any error 
messages.
- Firefox 1.0.4 - "broken image" icon
- IE 6.0.2800.1106 - blank page, no errors, but slow.
2. XP SP2 with all updates, logged in as local user with veeeeery 
limited rights
- IrfanView 3.97 - "Invalid or unsupported GIF file" error
- IE 6.0.2900.2180 SP2does not return any error, shows a blank page 
- _not_ a broken image icon.
- Windows Image and Fax Viewer - no error, blank page with "No 
preview available, did not hung.
3. Now, a strange, perverted fun - logged into the same XP with 
admin rights - IE silently dies, nothing in Events Log.
4. Going now to local Macs, will post if there's anything of 
interest...

I've got a feeling that it's not just an AIM problem. Aim higher 
%^)



Concerned about your privacy? Follow this link to get
secure FREE email: http://www.hushmail.com/?l=2

Free, ultra-private instant messaging with Hush Messenger
http://www.hushmail.com/services-messenger?l=434

Promote security and make money with the Hushmail Affiliate Program: 
http://www.hushmail.com/about-affiliate?l=427

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/