Full Disclosure mailing list archives
RE: REWMF Risk Analysis for Win9X anyone ?
From: "Todd Towles" <toddtowles () brookshires com>
Date: Fri, 6 Jan 2006 13:53:52 -0600
The same as for Windows NT and 2000 - files without the placeable header will not display automatically in applications such as Internet Explorer, and files with the placeable header are not allowed to call the vulnerable function. However, applications other than Internet Explorer, which do recognise files without the placeable header, can call directly into the GDI!PlayMetaFile() function, which will eventually call into the vulnerable function.
ESET did provide a WMF patch as well. As far as I can remember this did work for Windows 98 and ME. But they have since removed the patch. Anyone got a copy laying around for out Win9x users? Lol -Todd _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- RE: REWMF Risk Analysis for Win9X anyone ? Todd Towles (Jan 06)