Full Disclosure mailing list archives

Re: AOL YGP Picture Editor YGPPicEdit.dll Multiple Buffer Overflows

From: Valdis.Kletnieks () vt edu
Date: Thu, 27 Dec 2007 13:11:03 -0500

On Thu, 27 Dec 2007 10:05:08 EST, Elazar Broad said:

After some more analysis by Carsten Eiram @ Secunia, this is NOT exploitable.
I would like to apologize for the hasty post. SecurityFocus, please update bid
27026 to reflect the fact that at most, this can just crash the browser.


And sometimes you get stuck at 95% of the way there. ;)

Attachment: _bin
Description:

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Re: AOL YGP Picture Editor YGPPicEdit.dll Multiple Buffer Overflows Elazar Broad (Dec 26)
- <Possible follow-ups>
- Re: AOL YGP Picture Editor YGPPicEdit.dll Multiple Buffer Overflows Elazar Broad (Dec 26)
- Re: AOL YGP Picture Editor YGPPicEdit.dll Multiple Buffer Overflows Elazar Broad (Dec 27)
  - Re: AOL YGP Picture Editor YGPPicEdit.dll Multiple Buffer Overflows Valdis . Kletnieks (Dec 27)
  - Re: AOL YGP Picture Editor YGPPicEdit.dll Multiple Buffer Overflows reepex (Dec 27)