Bugtraq mailing list archives
Re: Riched20.DLL attribute label buffer overflow vulnerability
From: Marc Ruef <marc.ruef () computec ch>
Date: 25 Feb 2003 08:58:42 -0000
In-Reply-To: <7353719955.20030218113659 () SECURITY NNOV RU> Hi!
Can't reproduce it on riched20.dll v.3.0 (5.30.23.1200) under NT.
It seems that my Windows XP Professional with riched20.dll v3.0 5.30.23.1211 is not vulnerable too. In http://www.securityfocus.com/bid/6874/discussion/ the following remark can be found: "Some reports indicate that this vulnerability could not be reproduced on riched20.dll v.3.0 (5.30.23.1200) running on Windows NT." I think that this depends on v3.0 of riched20.dll. This version does not seem to contain the bufferoverflow. Bye, Marc -- http://www.computec.ch
Current thread:
- Riched20.DLL attribute label buffer overflow vulnerability Jie Dong (Feb 17)
- Re: Riched20.DLL attribute label buffer overflow vulnerability Thor Larholm (Feb 21)
- Re: Riched20.DLL attribute label buffer overflow vulnerability Raistlin (Feb 24)
- <Possible follow-ups>
- Re: Riched20.DLL attribute label buffer overflow vulnerability 3APA3A (Feb 18)
- Re: Riched20.DLL attribute label buffer overflow vulnerability Marc Ruef (Feb 25)
- Re: Riched20.DLL attribute label buffer overflow vulnerability Thor Larholm (Feb 21)