Bugtraq mailing list archives
Re: Windows XP explorer.exe heap overflow.
From: Dragos Ruiu <dr () kyx net>
Date: Thu, 26 Feb 2004 10:41:11 -0800
To exploit this flaw (in explorer), simply place a malformed (invalid "size" field) .emf file in any directory, open explorer to that path, and view as Thumbnails. Bang. In it's simplest form it's a DOS - it affects all explorer windows, including File Open dialogs for many programs.
The february 04 issue of MaximumPC lists the following registry key to tweak to help speed up your system. Seems to me this might have other benefits besides speed. :-) Remove Image Preview by deleting this key: HKEY_Classes_Root\SystemFileAssociations\Image\ShellEx\ContextMenuHandlers\ShellImagePreview cheers, --dr -- Top security experts. Cutting edge tools, techniques and information. Vancouver, Canada April 21-23 2004 http://cansecwest.com pgpkey http://dragos.com/ kyxpgp
Current thread:
- Windows XP explorer.exe heap overflow. sunglasses (Feb 23)
- Re: Windows XP explorer.exe heap overflow. Eli K. (Feb 24)
- RE: Windows XP explorer.exe heap overflow. Larry Seltzer (Feb 25)
- Re: Windows XP explorer.exe heap overflow. Eli Kara (Feb 25)
- Re: Windows XP explorer.exe heap overflow. Dragos Ruiu (Feb 26)
- RE: Windows XP explorer.exe heap overflow. Larry Seltzer (Feb 25)
- Re: Windows XP explorer.exe heap overflow. Tim (Feb 24)
- <Possible follow-ups>
- Re: Windows XP explorer.exe heap overflow. Chris Calabrese (Feb 23)
- blocking gzip encoded files Darwin Mecham (Feb 23)
- Re: blocking gzip encoded files mgotts (Feb 24)
- Re: blocking gzip encoded files Josep L. Guallar-Esteve (Feb 24)
- blocking gzip encoded files Darwin Mecham (Feb 23)
- RE: Windows XP explorer.exe heap overflow. Michael Wojcik (Feb 23)
- Re: Windows XP explorer.exe heap overflow. Eli K. (Feb 24)