Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

RE: REWMF Risk Analysis for Win9X anyone ?

From: "Todd Towles" <toddtowles () brookshires com>
Date: Fri, 6 Jan 2006 13:53:52 -0600
 

The same as for Windows NT and 2000 - files without the 
placeable header will not display automatically in 
applications such as Internet Explorer, and files with the 
placeable header are not allowed to call the vulnerable function.
However, applications other than Internet Explorer, which do 
recognise files without the placeable header, can call 
directly into the GDI!PlayMetaFile() function, which will 
eventually call into the vulnerable function.


ESET did provide a WMF patch as well. As far as I can remember this did
work for Windows 98 and ME. But they have since removed the patch.
Anyone got a copy laying around for out Win9x users? Lol

-Todd

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: