Hi I tested [1] 'gdiscan' from SANS, and this tool reports vulnerable DLL's after installing all availible patches from M$..
WinXP Pro SP1 C:\WINDOWS\system32\gdiplus.dll Version: 5.1.3097.0 <-- Vulnerable version Win2k Server SP4 C:\Program Files\Common Files\Microsoft Shared\Ink\gdiplus.dll Version: 5.1.3097.0 <-- Vulnerable version [1] http://isc.sans.org/gdiscan.php Have a nice day /bashis _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
