Another 2 WMF flaws

Status
Not open for further replies.
S

Spike

Posts: 2,122   +0
Microsoft say they are nothing more than Denial of Service flaws causing the rendering application to crash. Bugtraq reports fears that modification to the proof of concept code could result in an exploit capable of gaining system level privileges if an administrator views the (specially crafted) malicious file.

http://www.securityfocus.com/bid/16167/discuss
Microsoft Windows GRE WMF Format Multiple Memory Overrun Vulnerabilities
[UPDATE]Microsoft Windows GRE WMF Format Multiple Unauthorized Memory Access Vulnerabilities

http://www.pcmag.com/article2/0,1895,1909522,00.asp...

The issue is described as a denial-of-service condition, but there are fears that arbitrary code execution may be possible if the exploit is modified.
Click to expand...

The solution given by the discoverer of this issue is as follows...
Microsoft has not develop the patch,please unregister the Windows Picture and Fax Viewer (Shimgvw.dll)(see MS06-001).
Click to expand...
 
Status
Not open for further replies.

Similar threads

A
Apple patches two zero-day flaws abused to install the Pegasus spyware
Replies
0
Views
240
Alfonso Maruccia
A
D
Microsoft's latest Patch Tuesday addresses 6 actively exploited zero-day vulnerabilities
Replies
0
Views
297
DragonSlayer101
D
A
Microsoft fixes 38 flaws, including 3 zero-day vulnerabilities, with Patch Tuesday update
Replies
1
Views
505
Danny101
Danny101

Latest posts

Back