funsec mailing list archives
Re: Microsoft Windows "itss.dll" Heap Corruption Vulnerability
From: "Dude VanWinkle" <dudevanwinkle () gmail com>
Date: Wed, 10 May 2006 22:41:45 -0400
On 5/10/06, Blue Boar <BlueBoar () thievco com> wrote:
Fergie wrote: > Successful exploitation requires that the user is e.g. tricked in opening or decompiling a malicious ".CHM" file using "hh.exe". Isn't opening a .chm already equivalent to running a .exe?
Yes, and it really sucks. A lot of ebooks come in .chm format... ... Damnation!! -JP _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Microsoft Windows "itss.dll" Heap Corruption Vulnerability Fergie (May 10)
- Re: Microsoft Windows "itss.dll" Heap Corruption Vulnerability Blue Boar (May 10)
- Re: Microsoft Windows "itss.dll" Heap Corruption Vulnerability Dude VanWinkle (May 10)
- Re: Microsoft Windows "itss.dll" Heap Corruption Vulnerability Blue Boar (May 10)