Vulnerability Development mailing list archives
possible format string in ultra edit 8.00
From: Thijs Dalhuijsen <thijs () abzurd com>
Date: Fri, 16 May 2003 12:28:14 +0200
don't know if this is exploitable or not... not even sure i want to know ;) but improper handling of values could mean more interesting things, i reckon....

ultraedit allows you to edit files located on an ftp server. Account data gets saved in the machine registry instead of the user registry, so all users on the computer can view and use each other's 'bookmarks'.

if you use square brackets ([]) in the account name, ultraedit flips and can't load in the appropriate data.

no idea what level or what causes it, but being a very popular programmers' tool on win32 i thought i'd mention it.

happy hunting,

thijs

--
perl -pe 'tr/izeasgtbgo/1234567890/;$_=0.5<=rand(1)?lc$_:uc$_;'