Vuln Dev
GDI+ and Internet Explorer question Jun 09 2007 11:40AM
gljuposti gmail com (1 replies)
From reading about previous GDI+ vulnerability reports (such as JPEG overflow) I got an impression that Internet Explorer was using GDI+ to decode images. However, looking at the newfound GDI+ ICO vulnerability, I noticed that the PoC

http://www.securityfocus.com/data/vulnerabilities/exploits/24346.ico

fails to crash my Internet Explorer. So I was wondering, does Internet Explorer utilizes GDI+ for image decoding? If it does not, what component(s) does it use?

TIA

[ reply ]
Re: GDI+ and Internet Explorer question Jun 10 2007 10:02PM
H D Moore (sflist digitaloffense net)


 

Privacy Statement
Copyright 2010, SecurityFocus