[29020] in bugtraq


Re: Riched20.DLL attribute label buffer overflow vulnerability

daemon@ATHENA.MIT.EDU (Raistlin)
Mon Feb 24 16:52:04 2003

Message-ID: <036901c2dc46$5a26aa20$01c8a8c0@raistlin>
From: "Raistlin" <raistlin@gioco.net>
To: "BugTraq" <BUGTRAQ@securityfocus.com>
Date: Mon, 24 Feb 2003 21:47:20 +0100
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit

> Since RTF files are opened and rendered automatically by Outlook Express and
> Internet Explorer, this is remotely exploitable through mail and web.

There are still unfixed buffer overflows (i.e. an <a href=""> overflow,
http://securenetwork.it/szanero/bug-oe-2.htm) that can be remotely triggered
to crash Outlook Express, so this is not really something new.

It simply seems that if a bug does not allow remote code execution, it is
not something worth MS attention.

Stefano "Raistlin" Zanero
System Administrator Gioco.Net
public PGP key block at http://gioco.net/pgpkeys

