Re: Riched20.DLL attribute label buffer overflow vulnerability

From: Marc Ruef (marc.ruefat_private)
Date: Tue Feb 25 2003 - 00:58:42 PST

Next message: Kelledin: "Re: poc zlib sploit just for fun :)"

Previous message: H D Moore: "Re: Terminal Emulator Security Issues"
Maybe in reply to: Jie Dong: "Riched20.DLL attribute label buffer overflow vulnerability"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

('binary' encoding is not supported, stored as-is) In-Reply-To: <7353719955.20030218113659at_private> Hi! >Can't reproduce it on riched20.dll v.3.0 (5.30.23.1200) under NT. It seems that my Windows XP Professional with riched20.dll v3.0 5.30.23.1211 is not vulnerable too. In http://www.securityfocus.com/bid/6874/discussion/ the following remark can be found: "Some reports indicate that this vulnerability could not be reproduced on riched20.dll v.3.0 (5.30.23.1200) running on Windows NT." I think that this depends on v3.0 of riched20.dll. This version does not seem to contain the bufferoverflow. Bye, Marc -- http://www.computec.ch

Next message: Kelledin: "Re: poc zlib sploit just for fun :)"
Previous message: H D Moore: "Re: Terminal Emulator Security Issues"
Maybe in reply to: Jie Dong: "Riched20.DLL attribute label buffer overflow vulnerability"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Feb 25 2003 - 09:39:52 PST