Search the archives!
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow
- From: Larry at larryseltzer.com (Larry Seltzer)
- Subject: [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow
- Date: Sun, 1 Apr 2007 15:23:22 -0400
>>It is completely possible to execute shellcode if we can do some DEP bypass (ie. ret2libc attack, etc..) In Vista this should have problems because of ASLR, right? I'm beginning to think that web-based attacks with this in Vista aren't really so scary. Even if you can get them to execute what can you really do in IE protected mode? You need to get the user to run the ANI outside of IE. Can anyone say what actually happens if you read an e-mail in the Vista Mail program with an attack ANI embedded? Larry Seltzer eWEEK.com Security Center Editor http://security.eweek.com/ http://blog.eweek.com/blogs/larry%5Fseltzer/ Contributing Editor, PC Magazine larryseltzer at ziffdavis.com
- Follow-Ups:
- [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow
- From: Dave Aitel
- [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow
- From: ad at heapoverflow.com
- [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow -> Its ok, its in IE Protected Mode
- From: Haroon Meer
- [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow
- From: Alexander Sotirov
- [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow
- References:
- [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow
- From: Larry Seltzer
- [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow
- From: dev code
- [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow
- Prev by Date: [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow
- Next by Date: [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow
- Previous by thread: [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow
- Next by thread: [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow
- Index(es):