HEAD'S UP Microsoft Windows Image Rendering Denial of Service Vulnerability

Printable View

April 22nd, 2005, 05:48 PM
ByTeWrangler

** HEAD'S UP ** Microsoft Windows Image Rendering Denial of Service Vulnerability

Greeting's

A Vulnerability has been found in Micosoft windows XP (home/pro) which can be exploited for a DoS attack.

Information :

Quote:

The vulnerability is caused due to an error in the image rendering for overly large images. This can e.g. be exploited to crash a vulnerable system when a user views an image with overly large HTML size attributes in e.g. Internet Explorer.

Quote:

The vulnerability has been confirmed on a fully patched Microsoft Windows XP SP2 system

SOLUTION :

Quote:

Do not view HTML content from untrusted sources while running critical applications.

More can be found at :

http://secunia.com/advisories/15064/

No advisory has been released by microsoft.
April 22nd, 2005, 06:10 PM
VanEck

hmmm, and yet another reason to switch to firefox
April 22nd, 2005, 06:14 PM
zENGER

Looks like its part of XP, not IE that is causing the problem, so firefox would be vulnerable too.
April 22nd, 2005, 06:19 PM
morganlefay

Quote:

hmmm, and yet another reason to switch to firefox

>RANT<

I AM SOOOOOOOOOOOOO FRIGGIN SICK OF THIS ANSWER!!!!!!

>RANT OVER<

There I feel better now.... ;)

MLF

zENGER....excellent points once again.

(Have to spread out them greenies)

** HEAD'S UP ** Microsoft Windows Image Rendering Denial of Service Vulnerability