IPB

Welcome Guest ( Log In | Register )

[ Outline ] · Standard · Linear+

> JPEG buffer overrun, vulnerability

Track this topic | Email this topic | Print this topic
PimpScourge
post Sep 15 2004, 09:28 PM
Post #1


Broken As Designed
*****

Group: Admin
Posts: 529
Joined: 17-March 04
Member No.: 2
QUOTE
http://www.microsoft.com/technet/security/bulletin/MS04-028.mspx

This update resolves a newly-discovered, privately reported vulnerability. A buffer overrun vulnerability exists in the processing of JPEG image formats that could allow remote code execution on an affected system. The vulnerability is documented in this bulletin in its own section.

If a user is logged on with administrator privileges, an attacker who successfully exploited this vulnerability could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts with full privileges. Users whose accounts are configured to have fewer privileges on the system would be at less risk than users who operate with administrative privileges.


apply patch if needed. :S
User is offlineProfile CardPM
Go to the top of the page
+Quote Post
 
 Reply to this topicStart new topicStart Poll
Replies
lokal
post Sep 16 2004, 12:19 AM
Post #2


nFm [ progressor ]
**

Group: Full Member
Posts: 86
Joined: 11-August 04
Member No.: 142
On a related note...

QUOTE
"An advisory has been issued on several buffer overflow exploits in the Mozilla and Thunderbird code. Coincidentally, one of the exploits takes advantage of a unchecked buffer in the bitmap parser, very similar to recent Microsoft JPEG vulnerability. The good news is that if you have an updated version (Mozilla 1.7.3, Firefox 1.0PR, Thunderbird 0.8) you won't be affected."


--------------------
user posted image
User is offlineProfile CardPM
Go to the top of the page
+Quote Post

Posts in this topic
PimpScourge   JPEG buffer overrun   Sep 15 2004, 09:28 PM
forbin   Read about that one today .. But from what I read,...   Sep 15 2004, 11:59 PM
lokal   On a related note...   Sep 16 2004, 12:19 AM

« Next Oldest · Public News · Next Newest »
 

Reply to this topicTopic OptionsStart new topic
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:
 

Lo-Fi Version Time is now: 4th July 2025 - 06:20 AM
Powered by Invision Power Board(Trial) v2.0.0 © 2025  IPS, Inc.