** HEAD'S UP ** Microsoft Windows Image Rendering Denial of Service Vulnerability

***ByTeWrangler*** · April 22nd, 2005, 05:48 PM

Greeting's

A Vulnerability has been found in Micosoft windows XP (home/pro) which can be exploited for a DoS attack.

Information :

The vulnerability is caused due to an error in the image rendering for overly large images. This can e.g. be exploited to crash a vulnerable system when a user views an image with overly large HTML size attributes in e.g. Internet Explorer.

The vulnerability has been confirmed on a fully patched Microsoft Windows XP SP2 system

SOLUTION :

Do not view HTML content from untrusted sources while running critical applications.

More can be found at :

http://secunia.com/advisories/15064/

No advisory has been released by microsoft.

**VanEck** · April 22nd, 2005, 06:10 PM

hmmm, and yet another reason to switch to firefox

**zENGER** · April 22nd, 2005, 06:14 PM

Looks like its part of XP, not IE that is causing the problem, so firefox would be vulnerable too.

***morganlefay*** · April 22nd, 2005, 06:19 PM

hmmm, and yet another reason to switch to firefox

>RANT<

I AM SOOOOOOOOOOOOO FRIGGIN SICK OF THIS ANSWER!!!!!!

>RANT OVER<

There I feel better now....

MLF

zENGER....excellent points once again.

(Have to spread out them greenies)

Thread: HEAD'S UP Microsoft Windows Image Rendering Denial of Service Vulnerability

Thread Tools

Display