Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Vulnerabilities in Microsoft Reader and HIS

From: Luigi Auriemma <aluigi () autistici org>
Date: Mon, 11 Apr 2011 16:49:32 +0100
Microsoft Reader is a PC/tablet software for reading the ebooks in LIT
format and the Audible audio books.
The following are a couple of integer overflows, an heap and an array
indexing overflow and the writing of a NULL byte in an arbitrary memory
location:

  http://aluigi.org/adv/msreader_1-adv.txt
  http://aluigi.org/adv/msreader_2-adv.txt
  http://aluigi.org/adv/msreader_3-adv.txt
  http://aluigi.org/adv/msreader_4-adv.txt
  http://aluigi.org/adv/msreader_5-adv.txt

There are also some bugs in Microsoft Host Integration Server 2010 but
they are only Denial of Service vulnerabilities like the crashing and
the freezing of the services with CPU at 100%:

  http://aluigi.org/adv/snabase_1-adv.txt


--- 
Luigi Auriemma
http://aluigi.org
Previous By Date Next
Previous By Thread Next

Current thread: