BugTraq
Microsoft Internet Explorer BMP file memory DoS vulnerability Apr 11 2004 06:07AM
Arman Nayyeri (arman-n Phreaker net) (3 replies)
Re: Microsoft Internet Explorer BMP file memory DoS vulnerability Apr 13 2004 01:22PM
jeremy 33ad org
Re: Microsoft Internet Explorer BMP file memory DoS vulnerability Apr 13 2004 12:33PM
Thilo Schulz (arny ats s bawue de)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Sunday 11 April 2004 08:07, Arman Nayyeri wrote:
> http://www.4rman.com/exploits/tinybmp.htm

Believe it or not. Konqueror from KDE 3.2.1 Segfaults on this page too.

(gdb) bt
#0 0x41288a88 in PutSubImage () from /usr/X11R6/lib/libX11.so.6
[...]
#9990 0x41288a88 in PutSubImage () from /usr/X11R6/lib/libX11.so.6
#9991 0x41288a88 in PutSubImage () from /usr/X11R6/lib/libX11.so.6
#9992 0x41288a88 in PutSubImage () from /usr/X11R6/lib/libX11.so.6
#9993 0x41288a88 in PutSubImage () from /usr/X11R6/lib/libX11.so.6
[...]

Not good. And it also seems to have eaten up half of the system's RAM.

- --
Thilo Schulz

My public PGP key is available at http://home.bawue.de/~arny/public_key.asc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFAe94zZx4hBtWQhl4RAiXqAKDpY3CjTkIU2fTolERHWvJJcvfUvgCff+9q
MXT+w5UJL4WoWEGLoJDAaYk=
=ysJ8
-----END PGP SIGNATURE-----

[ reply ]
RE: Microsoft Internet Explorer BMP file memory DoS vulnerability Apr 13 2004 06:00AM
Alan W. Rateliff, II (lists rateliff net)


 

Privacy Statement
Copyright 2010, SecurityFocus