This bug is also present in Microsoft's flagship operating system Windows 2000.

On Thu, 18 Nov 1999, Pauli Ojanpera wrote:
> Just if someone needs to know...
>
> Win98/NT4 Riched20.dll (which WordPad uses) has a classic buffer
> overflow problem with ".rtf"-files.
>
> Crashme.rtf :
> {\rtf\AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA}
>
> A malicious document may probably abuse this to execute arbitrary
> code. WordPad crashes with EIP=41414141.
>
> Someone else do deeper investigation since I don't care to.
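
A defensive check for the condition reported in this thread, added here as an example and not code from the post or from riched20.dll: it reads RTF control-word names into a fixed buffer with a hard length limit and reports the first name that exceeds it. The function names are hypothetical, the 32-letter limit is the one given in the RTF specification, and the sample document is constructed after the Crashme.rtf quoted above.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>

#define RTF_MAX_CW 32 /* RTF spec: a control-word name is at most 32 letters */

/* Copy the control-word name at p (just past the backslash) into out.
 * Returns the number of letters, or -1 if the name is longer than
 * RTF_MAX_CW. out is always NUL-terminated and never overrun. */
int rtf_read_cw(const unsigned char *p, size_t len, char out[RTF_MAX_CW + 1])
{
    size_t n = 0;
    while (n < len && isalpha(p[n])) {
        if (n == RTF_MAX_CW) { out[n] = '\0'; return -1; } /* 33rd letter */
        out[n] = (char)p[n];
        n++;
    }
    out[n] = '\0';
    return (int)n;
}

/* Return the offset of the backslash that starts the first oversized
 * control word in buf, or -1 if every control word fits the limit. */
long rtf_find_oversized_cw(const unsigned char *buf, size_t len)
{
    char name[RTF_MAX_CW + 1];
    size_t i = 0;
    while (i < len) {
        if (buf[i++] != '\\') continue;
        if (i >= len) break;
        if (!isalpha(buf[i])) { i++; continue; } /* control symbol: \\ \{ \} \' */
        int n = rtf_read_cw(buf + i, len - i, name);
        if (n < 0) return (long)i - 1;
        i += (size_t)n;
    }
    return -1;
}

int main(void)
{
    /* Constructed sample modelled on the Crashme.rtf in the post (48 letters). */
    static const unsigned char doc[] = "{\\rtf\\"
        "AAAAAAAA" "AAAAAAAA" "AAAAAAAA" "AAAAAAAA" "AAAAAAAA" "AAAAAAAA" "}";
    long off = rtf_find_oversized_cw(doc, sizeof doc - 1);
    if (off >= 0) printf("oversized control word at offset %ld\n", off);
    else          puts("no oversized control word");
    return off >= 0;
}
```

The scanner does not skip `\bin` payloads, so raw binary data that happens to contain backslashes can produce false positives.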
