Microsoft Windows 'CreateSizedDIBSECTION()' Thumbnail View Stack Buffer Overflow Vulnerability

Microsoft Windows 'CreateSizedDIBSECTION()' Thumbnail View Stack Buffer Overflow Vulnerability

References:

Microsoft Homepage (Microsoft)
MS11-006 Vulnerability in Windows Shell Graphics Processing Could Allow Remote C (Avaya)
Slides (Moti & Xu Hao)
iDefense Security Advisory 02.08.11: Microsoft Windows Picture and Fax Viewer Li (labs-no-reply )
Microsoft Security Advisory (2490606) (Microsoft)
Microsoft Security Bulletin MS11-006 (Microsoft)
Microsoft Windows Picture and Fax Viewer Library (iDefense)
Vulnerability Note VU#106516 Microsoft Windows graphics engine thumbnail stack b (US-CERT)

Privacy Statement
Copyright 2010, SecurityFocus