Search the archives!
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Full-disclosure] Few unreported vulnerabilities by SehaTo
- From: 3APA3A at security.nnov.ru (3APA3A)
- Subject: [Full-disclosure] Few unreported vulnerabilities by SehaTo
- Date: Sun, 25 Feb 2007 19:12:08 +0300
Hello lists, SehaTo (sehato at yandex ru) reported few vulnerabilities in different Windows applications. Original messages (in Russian) may be found at http://securityvulns.com/source16446.html 1. Microsoft Windows Explorer corrupted WMF vulnerability http://securityvulns.com/news/Microsoft/Windows/Explorer/DoS.html Windows explorer (explorer.exe) crashes on browsing folder with corrupted WMF files. SecurityVulns note: from the very fast debugging results analysis on Windows XP SP2, there is potential code execution possibility (memory corruption), because attacker-controllable data is used to contruct both read and write memory addresses. Deeper research of exploitation possibility was not performed. 2. IfranView / Microsoft Office 2003 malformed WMF crash http://securityvulns.com/news/IrfanView/WMF/DoS.html IfranView crashes on attempt to view malformed WMF, Microsoft Office crashes on attempt to insert corrupted WMF file. SecurityVulns note: because of relatively low impact, SecurityVulns did no research on this vulnerability. 3. 2 different Microsoft Excel DoS conditions http://securityvulns.com/news/Microsoft/Excel/XML/DoS.html 2 different crashes in Microsoft Excel on parsing .XLS files (corrupted XML and corrupted XLS formats). SecurityVulns note: vulnerabilities confirmed on Microsoft Excel 2003. Both vulnerabilities are of NULL-pointer dereference type. Code execution is probably impossible. -- /3APA3A http://securityvulns.com/
- Prev by Date: [Full-disclosure] [ GLSA 200702-10 ] UFO2000: Multiple vulnerabilities
- Next by Date: [Full-disclosure] M$ Groove
- Previous by thread: [Full-disclosure] [ GLSA 200702-10 ] UFO2000: Multiple vulnerabilities
- Next by thread: [Full-disclosure] M$ Groove
- Index(es):