JPEG Vulnerability after patch!

**STeRoiD** · September 30th, 2004, 04:06 AM

Bottom line : the exploit still runs on my computer, after i have patched my machine! help!

Details :
I use WinXP SP1.

I have download and "patched" my machine from here :
http://www.microsoft.com/technet/sec.../ms04-028.mspx
(File called WindowsXP-KB833987-x86-ENU.EXE)

After I have patched my comp, I compiled the local exploit from here :
[edit : was a link to GDI+ buffer overrun exploit by FoToZ]

and its still working! its running cmd.exe as soon as i view the folder with the picture.

Plz Help!

<GDI scan results>
Scanning Drive C:...
C:\Program Files\Camera Suite\PhotoImpression\Share\gdiplus.dll
Version: 5.1.3097.0 <-- Vulnerable version
C:\Program Files\Common Files\Microsoft Shared\Office10\MSO.DLL
Version: 10.0.3311.0 <-- Possibly vulnerable (Under OfficeXP only)
C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll
Version: 6.0.2800.1106 <-- Possibly vulnerable (Win2K SP2 and SP3 w/IE6 SP1 only)
C:\WINDOWS\$NtServicePackUninstall$\sxs.dll
Version: 5.1.2600.0 <-- Vulnerable version
C:\WINDOWS\$NtServicePackUninstall$\vgx.dll
Version: 6.0.2600.0 <-- Possibly vulnerable (Win2K SP2 and SP3 w/IE6 SP1 only)
C:\WINDOWS\$NtUninstallKB839645$\sxs.dll
Version: 5.1.2600.1106 <-- Possibly vulnerable (Backup for uninstall purposes)
C:\WINDOWS\LastGood\System32\sxs.dll
Version: 5.1.2600.1106 <-- Vulnerable version
C:\WINDOWS\ServicePackFiles\i386\sxs.dll
Version: 5.1.2600.1106 <-- Vulnerable version
C:\WINDOWS\ServicePackFiles\i386\vgx.dll
Version: 6.0.2800.1106 <-- Possibly vulnerable (Win2K SP2 and SP3 w/IE6 SP1 only)
C:\WINDOWS\system32\sxs.dll
Version: 5.1.2600.1515
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.0.0_x-ww_8d353f13\GdiPlus.dll
Version: 5.1.3097.0 <-- Possibly vulnerable (Windows Side-By-Side DLL)
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.10.0_x-ww_712befd8\GdiPlus.dll
Version: 5.1.3101.0 <-- Possibly vulnerable (Windows Side-By-Side DLL)
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.1360_x-ww_24a2ed47\GdiPlus.dll
Version: 5.1.3102.1360
Scan Complete.
</GDI scan results>

PS : No, I dont want to upgrade to SP2.

Thread: JPEG Vulnerability after patch!

Thread Tools

Display

Hybrid View

JPEG Vulnerability after patch!

Posting Permissions