Full Disclosure mailing list archives
RE: GDIPLUS VULN - MS04-028 - CRASH TEST JPEG
From: "Cassidy Macfarlane" <cmacfarlane () Drummond-Miller co uk>
Date: Wed, 15 Sep 2004 16:22:44 +0100
I found this almost exactly two years ago.

http://www.securityfocus.com/archive/82/290856

I did not put much dev effort into it at the time, but it has been around for a while......

I'm just glad they sneaked the patch into SP2.

I remember thinking at the time - 'hrm, if I wrote some shellcode to overwrite system mem, then I could have a .jpg that could TAKE OVER THE WORLD'

I'm regretting not putting my full efforts into this...can you tell?

-----Original Message-----
From: Elia Florio [mailto:eflorio () edmaster it]
Sent: 15 September 2004 14:15
To: full-disclosure () lists netsys com
Subject: [Full-disclosure] GDIPLUS VULN - MS04-028 - CRASH TEST JPEG

Hi list,

this is the JPEG able to reproduce the crash reported in the bulletin MS04-028.
http://www.microsoft.com/technet/security/bulletin/ms04-028.mspx

Look at FFFE0001 or FFFE0000 signature in the JFIF header.
Tested on Windows XP Prof SP1 [gdiplus.dll ver 5.1.3097.0]

[eflorio]

________________________________________________
Message sent by Edizioni Master Webmail
http://mbox.edmaster.it

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
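An added example, not part of either post: FFFE is the JPEG comment (COM) marker, and the two bytes after it are a big-endian length that counts itself, so the 0000 and 0001 values mentioned in the quoted message are below the minimum of 2. The scanner below flags such segments for mail or file filtering; the function names and sample bytes are constructed for illustration, and it goes slightly beyond the post by reporting any header segment with a length below 2.

```python
import struct

SOI, EOI, SOS, COM = 0xD8, 0xD9, 0xDA, 0xFE
# Markers with no length field: TEM, RST0-RST7, SOI, EOI.
STANDALONE = {0x01, SOI, EOI} | set(range(0xD0, 0xD8))

def find_bad_segments(data: bytes):
    """Walk the segments before SOS/EOI and return (offset, marker, length)
    for each one whose declared length is below the minimum of 2."""
    if data[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG (missing SOI)")
    findings, pos = [], 2
    while pos + 1 < len(data) and data[pos] == 0xFF:
        marker = data[pos + 1]
        if marker == 0xFF:            # fill byte before a marker
            pos += 1
        elif marker == EOI:
            break
        elif marker in STANDALONE:
            pos += 2
        elif pos + 4 > len(data):     # truncated length field
            break
        else:
            (length,) = struct.unpack(">H", data[pos + 2:pos + 4])
            if length < 2:
                findings.append((pos, marker, length))
                pos += 4              # length unusable; resume after the field
            elif marker == SOS:
                break                 # entropy-coded data follows
            else:
                pos += 2 + length
    return findings

def has_short_com_segment(data: bytes) -> bool:
    """True if a COM (FFFE) segment declares length 0 or 1."""
    return any(marker == COM for _, marker, _ in find_bad_segments(data))

# Constructed sample inputs (not the file attached to the original post).
APP0 = b"\xff\xe0\x00\x10JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00"
CLEAN = b"\xff\xd8" + APP0 + b"\xff\xfe\x00\x04hi" + b"\xff\xd9"
BAD0 = b"\xff\xd8" + APP0 + b"\xff\xfe\x00\x00" + b"\xff\xd9"
BAD1 = b"\xff\xd8" + APP0 + b"\xff\xfe\x00\x01" + b"\xff\xd9"

if __name__ == "__main__":
    for name, blob in (("CLEAN", CLEAN), ("BAD0", BAD0), ("BAD1", BAD1)):
        print(name, has_short_com_segment(blob), find_bad_segments(blob))
```

The walk stops at the first SOS marker, so it inspects header segments only and does not scan the compressed image data.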
Current thread:
- GDIPLUS VULN - MS04-028 - CRASH TEST JPEG Elia Florio (Sep 15)
- <Possible follow-ups>
- RE: GDIPLUS VULN - MS04-028 - CRASH TEST JPEG Cassidy Macfarlane (Sep 15)