Full Disclosure mailing list archives
Re: Skype 5.3.*.5.2.* Critical Pointer Vulnerability
From: Mario Vilas <mvilas () gmail com>
Date: Tue, 23 Aug 2011 01:06:03 +0200
Oh, and BTW... --- Violation Exception Log --- 0:034> g (f10.ed4): Unknown exception (first chance) (f10.ed4): Access violation - code c0000005 (first chance) First chance exceptions are reported before any exception handling. This exception may be expected and handled. eax=c07ca54b ebx=a96959bc ecx=d8f10db2 edx=0000155f esi=d7263481 edi=3e294540 eip=25c50116 esp=37f91000 ebp=50601616 iopl=0 nv up ei pl nz na po nc cs=0023 ss=002b ds=002b es=002b fs=0053 gs=002b efl=00010202 25c50116 cd01 int 1 0:000> !exchain 0018e8f8: Skype+8be3a0 (00cbe3a0) This doesn't look like an exploitable buffer overflow to me. I think you just stumbled upon Skype's anti-debug measures. On Tue, Aug 23, 2011 at 1:02 AM, Mario Vilas <mvilas () gmail com> wrote:
Perhaps you should post the contents of the advisory here as well. Many people won't happily click on a link without any explanations. On Mon, Aug 22, 2011 at 9:14 PM, Levent Kayan <levonkayan () gmx net> wrote:hello, http://vulnerability-lab.com/get_content.php?id=180 cheers, noptrix -- Name: Levent 'noptrix' Kayan E-Mail: noptrix () lamergarten net GPG key: 0x014652c0 Key fingerprint: ABEF 4B4B 5D93 32B8 D423 A623 823D 4162 0146 52C0 Homepage: http://www.noptrix.net/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/-- “There's a reason we separate military and the police: one fights the enemy of the state, the other serves and protects the people. When the military becomes both, then the enemies of the state tend to become the people.” _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
-- “There's a reason we separate military and the police: one fights the enemy of the state, the other serves and protects the people. When the military becomes both, then the enemies of the state tend to become the people.”
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Skype 5.3.*.5.2.* Critical Pointer Vulnerability Levent Kayan (Aug 22)
- Re: Skype 5.3.*.5.2.* Critical Pointer Vulnerability Mario Vilas (Aug 22)
- Re: Skype 5.3.*.5.2.* Critical Pointer Vulnerability Mario Vilas (Aug 22)
- Re: Skype 5.3.*.5.2.* Critical Pointer Vulnerability Mario Vilas (Aug 22)