Bugtraq mailing list archives
Re: Re: Re: Gadu-Gadu Local/Remote Buffer Overflow vulnerability
From: gynvael () vexillium org
Date: 23 Nov 2007 17:53:51 -0000
Hi,

On 23 Nov 2007 07:23:05 -0000, <emacs25 () gmail com> wrote:
> I was trying to confirm that, but under Windows XP MCE (lang: German and English) with all patches, it overflows on another address. Can anybody confirm that?

I've tested it on VPC with Windows XP SP2 PL and I can confirm it works as the author stated.

> I agree with JohnDo, why not just send the user a specially crafted kernel32.dll :).

I don't. First, it's a .txt file, not a .dll file. Second, this file is a part of emoticon sets. You do not expect emoticons to execute some code, do you? ;>

> 2. Why did you write VERY HIGH threat? This is a local buffer overflow. Moreover, the user has to replace the original file. This vulnerability has more to do with SE :(.

As far as I know the user does not have to overwrite any file. See http://vexillium.org for a video of exploitation without replacing any files. "Very High" might be a little too much, but just a little imho ;>

Best Regards ;>
--
gynvael.coldwind//vx