Thread: HTML Exploit for Windows

  1. #11
    Senior Member
    Join Date
    Jan 2003
    Posts
    3,914
    Hey Hey,

    I'd have to again say it's nothing...

    I just ran it on my machine... fully patched... still nothing... yeah it locks up a bit trying to render the image at that size.. but that's it... the occasional freeze... nothing else..


    The browser was locked while trying to display the image.. it is rather large.... It's just running "too" much on your computer at once.. eventually I got tired of waiting, and end tasked IE...

    I suppose you could call it a browser DoS but given enough time it'd free itself up again.... it's just a matter of waiting.

    Peace,
    HT
    IT Blog: .:Computer Defense:.
    PnCHd (Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".

  3. #13
    Leftie Linux Lover the_JinX's Avatar
    Join Date
    Nov 2001
    Location
    Beverwijk Netherlands
    Posts
    2,534
    Doesn't crash Konqueror (Slackware GNU/Linux)
    Gives a nice huge pixelated image..

    Doesn't crash Firefox 1.5 (Slackware GNU/Linux)
    Just a huge big white page..

    Couldn't test on Windows today... sorry..
    ASCII stupid question, get a stupid ANSI.
    When in Russia, pet a PETSCII.

    Get your ass over to SLAYRadio the best station for C64 Remixes !

  5. #15
    Senior Member
    Join Date
    May 2002
    Posts
    256
    http://www.haloscan.com/comments/ale...4060575607610/ was where the issue was first seen by me
    Sex is like "Social Security". You get a little each month, but it's not enough to live on.

  7. #17
    Banned
    Join Date
    Apr 2003
    Posts
    1,146
    I would bet this has more to do with the system specific memory, video card/memory and other issues, not MS Windows XP, IE's, or FireFox's specific ability to render the .jpg.

    Based on the comments on the link and here, it behaves differently for different systems. So, I suspect this is more a hardware weakness, an available memory issue, or some compatibility with other installed software.

    Since the issue isn't coming from a testing center or lab, where a controlled analysis is done, it could be anything.

    As HT sez, it is nothing.

  9. #19
    Senior Member
    Join Date
    Jan 2003
    Posts
    3,914
    Hey Hey,

    So I was looking at the link wildred posted and I was wondering why I knew the name Alex Eckelberry... and then I saw the top of the page (SunbeltBlog)... So I hit sunbeltblog.blogspot.com and checked it out... there's this post about halfway down the page

        Monday, January 09, 2006
        Another WMF vulnerability
        SecurityFocus has published an advisory on yet another WMF vulnerability.

        We have seen no exploits in the wild on this one. We hope not to before Microsoft patches it.

        Microsoft Windows WMF graphics rendering engine is affected by multiple memory corruption vulnerabilities. These issues affect the 'ExtCreateRegion' and 'ExtEscape' functions.

        These problems present themselves when a user views a malicious WMF formatted file containing specially crafted data.

        Reports indicate that these issues lead to a denial of service condition, however, it is conjectured that arbitrary code execution is possible as well. Any code execution that occurs will be with the privileges of the user viewing a malicious image. An attacker may gain SYSTEM privileges if an administrator views the malicious file.

        Link here.

        Update: This vulnerability is more related to triggering a denial of service attack on a vulnerable system. The exploit code we have observed does not prove that code could be run on a machine (unlike the last WMF exploit), but this type of danger is always an issue with buffer overflows. We will keep this blog updated with the latest relevant news.

        Alex Eckelberry
        (Thanks Adam)

    The posts that wildred is showing are the comments that were left...

    Alex's source was http://www.securityfocus.com/bid/16167/discuss
        Microsoft Windows Graphics Rendering Engine Multiple Memory Corruption Vulnerabilities

        Microsoft Windows WMF graphics rendering engine is affected by multiple memory corruption vulnerabilities. These issues affect the 'ExtCreateRegion' and 'ExtEscape' functions.

        These problems present themselves when a user views a malicious WMF formatted file containing specially crafted data.

        Reports indicate that these issues lead to a denial of service condition. Earlier conjectures that the issues may result in the execution of arbitrary code appear at this point to be incorrect. Attackers could force a crash or restart of the viewing application.

    The person who posted that message obviously had shitty hardware... it locked up their machine so they just killed it and decided it was a Microsoft problem.... It's completely unrelated to Alex's topic...

    So in other words it's nothing reported by a nobody..

    Peace,
    HT
    IT Blog: .:Computer Defense:.
    PnCHd (Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".
