Full Disclosure mailing list archives
Re: Windows XP explorer.exe heap overflow
From: "Elia Florio" <eflorio () edmaster it>
Date: Wed, 25 Feb 2004 09:10:15 +0100
WinXP SP1 (fully patched) german is vuln to AN00010_.wmf explorer.exe hogs 100% cpu speed. tom
I can confirm that my WinXP SP1 (ITALIAN) fully patched except for these two updates : KB832894 - MS04-004 (%01 vuln in URL string) KB828028 - MS04-007 (ASN.1 library bug) is vuln. to malformed EMF and WMF files. EXPLORER.EXE goes to 99% CPU usage during preview/rendering of malformed images. I've tried to attach a .WMF in a mail message and also Outlook Express is vuln.; when user receives an email message, OE try to display preview of images and hang up. Killing OE will not cause any problem to EXPLORER.EXE. EF _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: Windows XP explorer.exe heap overflow Tom Koehler (Feb 24)
- Re: Windows XP explorer.exe heap overflow Elia Florio (Feb 25)
- RE: Windows XP explorer.exe heap overflow Aditya, ALD [Aditya Lalit Deshmukh] (Feb 27)
- Re: Windows XP explorer.exe heap overflow Elia Florio (Feb 25)