Full Disclosure mailing list archives
Re: Windows .ANI LoadAniIcon Stack Overflow
From: Alexander Sotirov <asotirov () determina com>
Date: Tue, 03 Apr 2007 19:13:06 -0700
Larry Seltzer wrote:
Alex had said that he was exploiting this bug on Firefox, even though the Firefox docs say it should be impossible. I'm just trying to understand how his claims are possible. There's no reason to believe the Firefox developers need to do anything. IE, for example, is fixed when the ANI code in GDI is fixed.
To avoid any confusion: 1) There is no vulnerability in the Firefox source code 2) Firefox uses a Windows API function which uses the vulnerable code in USER32.DLL, so the ANI vulnerability can be exploited through Firefox 3) Installing the MS07-017 patch will protect both IE and Firefox against this vulnerability 4) There is no vulnerability for the Firefox developers to patch. I recommend that they limit their use of the Windows API to avoid being affected by the next Windows vuln, but this is application hardening, not a vulnerability fix. 5) Even thought the patch is already out, I'd like to avoid harming Windows users who haven't installed it, so that's why I'm not releasing the details about the Firefox exploit just yet. Larry, why are you so curious about how this exploit works? Alex _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Windows .ANI LoadAniIcon Stack Overflow, (continued)
- Re: Windows .ANI LoadAniIcon Stack Overflow Alexander Sotirov (Apr 02)
- Re: Windows .ANI LoadAniIcon Stack Overflow George Ou (Apr 02)
- Re: Windows .ANI LoadAniIcon Stack Overflow Larry Seltzer (Apr 02)
- Re: Windows .ANI LoadAniIcon Stack Overflow Larry Seltzer (Apr 02)
- Re: Windows .ANI LoadAniIcon Stack Overflow Alexander Sotirov (Apr 02)
- Re: Windows .ANI LoadAniIcon Stack Overflow Larry Seltzer (Apr 03)
- Re: Windows .ANI LoadAniIcon Stack Overflow George Ou (Apr 03)
- Re: Windows .ANI LoadAniIcon Stack Overflow ad () heapoverflow com (Apr 03)
- Re: Windows .ANI LoadAniIcon Stack Overflow Daniel Veditz (Apr 03)
- Re: Windows .ANI LoadAniIcon Stack Overflow Larry Seltzer (Apr 03)
- Re: Windows .ANI LoadAniIcon Stack Overflow Alexander Sotirov (Apr 03)
- Re: Windows .ANI LoadAniIcon Stack Overflow Larry Seltzer (Apr 03)
- Re: Windows .ANI LoadAniIcon Stack Overflow Alexander Sotirov (Apr 03)
- Re: Windows .ANI LoadAniIcon Stack Overflow Larry Seltzer (Apr 03)
- Re: Windows .ANI LoadAniIcon Stack Overflow Peter Ferrie (Apr 04)
- Re: Windows .ANI LoadAniIcon Stack Overflow Michal Majchrowicz (Apr 08)
- Re: Windows .ANI LoadAniIcon Stack Overflow wac (Apr 08)
- Re: Windows .ANI LoadAniIcon Stack Overflow Michal Majchrowicz (Apr 10)
- Re: Windows .ANI LoadAniIcon Stack Overflow Brooks, Shane (Apr 10)
- Re: Windows .ANI LoadAniIcon Stack Overflow Knud Erik Højgaard (Apr 10)