funsec mailing list archives
RE: Are Office document files also an attack vector for the.WMF flaw?
From: "Peter Kruse" <kruse () krusesecurity dk>
Date: Thu, 29 Dec 2005 22:40:53 +0100
Hi Richard, Correct, as long as the MWF files is being parsed by Microsoft Windows Picture and Fax Viewer (SHIMGVW.DLL), and in this case it will, potentiel hostile code nested inside the WMF, will get executed into memory. Regards Peter -----Original Message----- From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org] On Behalf Of Richard M. Smith Sent: 29. december 2005 16:34 To: funsec () linuxbox org Subject: [funsec] Are Office document files also an attack vector for the.WMF flaw? I suspect that a booby-trapped .WMF file can be embedded in Office files (Word, Excel, PowerPoint, ....) and will auto-execute when a document file is opened. Richard M. Smith http:/www.ComputerBytesMan.com _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Are Office document files also an attack vector for the .WMF flaw? Richard M. Smith (Dec 29)
- Re: Are Office document files also an attack vector for the .WMF flaw? Tom Van Vleck (Dec 29)
- RE: Are Office document files also an attack vector for the.WMF flaw? Peter Kruse (Dec 29)
- RE: Are Office document files also an attack vector for the.WMF flaw? Larry Seltzer (Dec 30)