Vulnerability Development mailing list archives

Previous By Date Next
Previous By Thread Next

GDI+ and Internet Explorer question

From: gljuposti () gmail com
Date: 9 Jun 2007 11:40:08 -0000
From reading about previous GDI+ vulnerability reports (such as JPEG overflow) I got an impression that Internet 
Explorer was using GDI+ to decode images. However, looking at the newfound GDI+ ICO vulnerability, I noticed that the 
PoC 


http://www.securityfocus.com/data/vulnerabilities/exploits/24346.ico

fails to crash my Internet Explorer. So I was wondering, does Internet Explorer utilizes GDI+ for image decoding? If it 
does not, what component(s) does it use?
TIA
Previous By Date Next
Previous By Thread Next

Current thread: