funsec mailing list archives
RE: Are Office document files also an attack vector forthe.WMF flaw?
From: "Todd Towles" <toddtowles () brookshires com>
Date: Thu, 29 Dec 2005 16:29:59 -0600
Gets worse - WMF Exploit hits the rotational third-party AD network..... http://sunbeltblog.blogspot.com/2005/12/exfol-using-wmf-exploit-on-rotat ional.html
-----Original Message----- From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org] On Behalf Of Peter Kruse Sent: Thursday, December 29, 2005 3:41 PM To: 'Richard M. Smith'; funsec () linuxbox org Subject: RE: [funsec] Are Office document files also an attack vector forthe.WMF flaw? Hi Richard, Correct, as long as the MWF files is being parsed by Microsoft Windows Picture and Fax Viewer (SHIMGVW.DLL), and in this case it will, potentiel hostile code nested inside the WMF, will get executed into memory. Regards Peter -----Original Message----- From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org] On Behalf Of Richard M. Smith Sent: 29. december 2005 16:34 To: funsec () linuxbox org Subject: [funsec] Are Office document files also an attack vector for the.WMF flaw? I suspect that a booby-trapped .WMF file can be embedded in Office files (Word, Excel, PowerPoint, ....) and will auto-execute when a document file is opened. Richard M. Smith http:/www.ComputerBytesMan.com _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- RE: Are Office document files also an attack vector forthe.WMF flaw? Todd Towles (Dec 29)