Full Disclosure mailing list archives

Re: 2x 0day Microsoft Windows Excel

From: Georgi Guninski <guninski () guninski com>
Date: Sun, 8 Jan 2006 20:40:40 +0200

will there be a chance of bidding on something more reliable than ebay?

-- 
where do you want bill gates to go today?

On Sun, Jan 08, 2006 at 04:10:16PM +0100, ad () heapoverflow com wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
 
after many hours working on excel I have found a
critical excel bug exploitable. This is not a stack bof
nor a heap bof , a bug extremely hard to find and trigger , but it
conduct excel to execute any arbitrary codes while opening a malicious
.xls file.

note: the bug isn't related to both excel dos that I have already
published but shows similiar to a null pointer bug at a first look.
much infos won't be disclosed publicly or privately and this will be
transmitted to ms before the spyware loosers catch it :)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Re: 2x 0day Microsoft Windows Excel ad () heapoverflow com (Jan 08)
- Re: 2x 0day Microsoft Windows Excel Georgi Guninski (Jan 08)
  - Re: 2x 0day Microsoft Windows Excel ad () heapoverflow com (Jan 08)
    - Re: 2x 0day Microsoft Windows Excel Georgi Guninski (Jan 08)
- Re: 2x 0day Microsoft Windows Excel ad () heapoverflow com (Jan 10)
  - SecurID with Active Directory ? Steven (Jan 10)
  - Re: 2x 0day Microsoft Windows Excel Amit Sharma (Jan 12)
    - Re: 2x 0day Microsoft Windows Excel Stan Bubrouski (Jan 12)
    - Re: 2x 0day Microsoft Windows Excel ad () heapoverflow com (Jan 12)