Dear Italian Elf, You wrote: > In this point we can control the value of EDX (it's overwritten by > "CCCC" 0x43434343 dword inside JPEG header), but it's difficult escape > from the heap and take the full control on execution.
I also have difficulty escape from the heap. Maybe we can do lunch some time? PERFECT.MATERIAL _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
