OT: Windows releases info on how to fix the latest exploit of Explorer
Brian Kelsay
BLKELSAY at kcc.usda.gov
Tue Feb 17 20:59:57 CST 2004
One can only imagine what some well crafted Pr0n will do to it. Possibly send it into a tizzy of
pop-ups and spam as the world has never seen. What, oh, that's right, it already does just by
going to msn.com.
Brian Kelsay
>>> "Brian Densmore" <> 02/17/04 02:15PM
In case anyone missed it, the latest hack causes a stack overflow in
IE 5 with a well crafted bitmap. Which of course make LookOut susceptible,
too. It seems they used an unsigned integer and feed that into a signed
integer, thus allowing the possibility to send a very large number (> 2^31)
that is then interpreted as a negative and thus trashing the stack.
Whoo hoo.
More information about the Kclug
mailing list