[33964] in bugtraq
Re: Windows XP explorer.exe heap overflow.
daemon@ATHENA.MIT.EDU (Dragos Ruiu)
Thu Feb 26 14:54:13 2004
From: Dragos Ruiu <dr@kyx.net>
To: "Larry Seltzer" <larry@larryseltzer.com>,
"'Eli K.'" <elik@beyondsecurity.com>, <sunglasses@bay-watch.com>,
<bugtraq@securityfocus.com>
Date: Thu, 26 Feb 2004 10:41:11 -0800
In-Reply-To: <010901c3fbb6$e0238630$5b00005a@moregarlic.com>
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Message-Id: <200402261041.11193.dr@kyx.net>
> > To exploit this flaw (in explorer), simply place a malformed (invalid
> > "size" field) .emf file in any directory, open explorer to that path,
> > and view as Thumbnails. Bang. In it's simplest form it's a DOS - it
> > affects all explorer windows, including File Open dialogs for many
> > programs.
The february 04 issue of MaximumPC lists the following registry key
to tweak to help speed up your system. Seems to me this might have
other benefits besides speed. :-)
Remove Image Preview by deleting this key:
HKEY_Classes_Root\SystemFileAssociations\Image\ShellEx\ContextMenuHandlers\ShellImagePreview
cheers,
--dr
--
Top security experts. Cutting edge tools, techniques and information.
Vancouver, Canada April 21-23 2004 http://cansecwest.com
pgpkey http://dragos.com/ kyxpgp
