Коллеги, а вот и что-то более реальное - если кто-то будет анализировать,
скажите, насколько это серьезно.
----------
Message: 3
Date: Mon, 19 Dec 2005 11:52:52 +0100
From: "ad@xxxxxxxxxxxxxxxx" <ad@xxxxxxxxxxxxxxxx>
Subject: [Full-disclosure] 2x 0day Microsoft Windows Excel
To: full-disclosure@xxxxxxxxxxxxxxxxx, vulnwatch@xxxxxxxxxxxxx
Message-ID: <43A69104.9080904@xxxxxxxxxxxxxxxx>
Content-Type: text/plain; charset="iso-8859-1"
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Let's go on the fast publishing :)
I wont bother to message microsoft about this because they wont patch it
for sure according that they can't patch fully exploitable bugs in a
decent time, they do not patch IE dos
(http://heapoverflow.com/IEcrash.htm), so no way to bother them, we
should let them sleep a bit shhh ;)
Bugs 1 and Bugs 2 are quite similiar but NOT, both are null pointer bugs
. In bug1 you should mod a grafic's pointer to point to a bad area, and
in bug 2 you should null out the size of the page name.
Я что-то не понял, в чем там прикол. Вроде нормальные файлы. Или это
надо обязательно внутри IE делать?