Bugtraq mailing list archives
WordPad/riched20.dll buffer overflow
From: pauli_ojanpera () HOTMAIL COM (Pauli Ojanpera)
Date: Thu, 18 Nov 1999 10:43:03 CET
Just if someone needs to know... Win98/NT4 Riched20.dll (which WordPad uses) has a classic buffer overflow problem with ".rtf"-files. Crashme.rtf: {\rtf\AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA} A malicious document may probably abuse this to execute arbitary code. WordPad crashes with EIP=41414141. Someone else do deeper investigation since I don't care to. ______________________________________________________ Get Your Private, Free Email at http://www.hotmail.com
Current thread:
- WordPad/riched20.dll buffer overflow Pauli Ojanpera (Nov 18)
- Re: WordPad/riched20.dll buffer overflow Bronek Kozicki (Nov 18)
- Re: WordPad/riched20.dll buffer overflow Gerardo Richarte (Nov 18)
- Re: WordPad/riched20.dll buffer overflow Gerardo Richarte (Nov 24)
- (no subject) Swen Persson (Nov 24)
- Re: WordPad/riched20.dll buffer overflow Gerardo Richarte (Nov 24)
- Re: WordPad/riched20.dll buffer overflow pedward () WEBCOM COM (Nov 26)
- Re: WordPad/riched20.dll buffer overflow Christopher Rhodes (Nov 26)
- Re: WordPad/riched20.dll buffer overflow Glynn Clements (Nov 27)
- SCO su patches Alfred Huger (Nov 28)
- Solaris7 dtmail/dtmailpr/mailtool Buffer Overflow UNYUN (Nov 29)