Full Disclosure mailing list archives
Control EDX/EAX in JPG Heap Overflow (MS04-028)
From: Anonymous User <PERFECT.MATERIAL () gmail com>
Date: Tue, 21 Sep 2004 23:06:36 -0400
Dear Italian Elf, You wrote:
In this point we can control the value of EDX (it's overwritten by "CCCC" 0x43434343 dword inside JPEG header), but it's difficult escape from the heap and take the full control on execution.
I also have difficulty escape from the heap. Maybe we can do lunch some time? PERFECT.MATERIAL _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Control EDX/EAX in JPG Heap Overflow (MS04-028) Elia Florio (Sep 21)
- <Possible follow-ups>
- Control EDX/EAX in JPG Heap Overflow (MS04-028) Anonymous User (Sep 21)
- Re: Control EDX/EAX in JPG Heap Overflow (MS04-028) jerome . athias (Sep 22)
- RE: Control EDX/EAX in JPG Heap Overflow (MS04-028) Todd Towles (Sep 22)