From reading about previous GDI+ vulnerability reports (such as JPEG overflow) I got an impression that Internet Explorer was using GDI+ to decode images. However, looking at the newfound GDI+ ICO vulnerability, I noticed that the PoC
fails to crash my Internet Explorer. So I was wondering, does Internet Explorer utilizes GDI+ for image decoding? If it does not, what component(s) does it use?
http://www.securityfocus.com/data/vulnerabilities/exploits/24346.ico
fails to crash my Internet Explorer. So I was wondering, does Internet Explorer utilizes GDI+ for image decoding? If it does not, what component(s) does it use?
TIA
[ reply ]