BugTraq
Back to list
|
Post reply
Re: Riched20.DLL attribute label buffer overflow vulnerability
Feb 25 2003 08:58AM
Marc Ruef (marc ruef computec ch)
In-Reply-To: <7353719955.20030218113659 (at) SECURITY.NNOV (dot) RU [email concealed]>
Hi!
>Can't reproduce it on riched20.dll v.3.0 (5.30.23.1200) under NT.
It seems that my Windows XP Professional with riched20.dll v3.0
5.30.23.1211 is not vulnerable too.
In http://www.securityfocus.com/bid/6874/discussion/ the following remark
can be found: "Some reports indicate that this vulnerability could not be
reproduced on riched20.dll v.3.0 (5.30.23.1200) running on Windows NT."
I think that this depends on v3.0 of riched20.dll. This version does not
seem to contain the bufferoverflow.
Bye, Marc
--
http://www.computec.ch
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
Hi!
>Can't reproduce it on riched20.dll v.3.0 (5.30.23.1200) under NT.
It seems that my Windows XP Professional with riched20.dll v3.0
5.30.23.1211 is not vulnerable too.
In http://www.securityfocus.com/bid/6874/discussion/ the following remark
can be found: "Some reports indicate that this vulnerability could not be
reproduced on riched20.dll v.3.0 (5.30.23.1200) running on Windows NT."
I think that this depends on v3.0 of riched20.dll. This version does not
seem to contain the bufferoverflow.
Bye, Marc
--
http://www.computec.ch
[ reply ]