RE: [Full-disclosure] PoC for the 2 new WMF vulnerabilities (DoS)

Edward Pearson Tue, 10 Jan 2006 06:58:11 -0800

As far as I can tell this isn’t exploitable, can I get a second on that?

From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Drew Masters
Sent: 10 January 2006 12:20
To: Andrey Bayora
Cc: [email protected]
Subject: Re: [Full-disclosure] PoC for the 2 new WMF vulnerabilities (DoS)

Not sure if it's been previously mentioned...

It's possible to cause similiar crashes by making a malformed call to startdoc instead of setabortproc with 64bytes of garbage data.

Cheers

Drew

On 09/01/06, Andrey Bayora <[EMAIL PROTECTED]> wrote:

Hello list,

In case, someone interested:

Here is the PoC for the 2 new WMF vulnerabilities discovered by cocoruder
(http://ruder.cdut.net) and does not covered by MS06-001.

You can download WMF images at:
http://www.securityelf.org/files/WMF-DoS.rar

Regards,
Andrey.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

RE: [Full-disclosure] PoC for the 2 new WMF vulnerabilities (DoS)

Reply via email to