[SLUG] another MS security flaw ("image" that)

From: Pete S. (linux@myraandpete.net)
Date: Tue Sep 14 2004 - 21:41:49 EDT


For those that get a kick out of MS flaws. This allows a remote
attacker to take over a system... when the user views a jpg.

"This update resolves a newly-discovered, privately reported
vulnerability. A buffer overrun
<http://go.microsoft.com/fwlink/?LinkId=21142> vulnerability exists in
the processing of JPEG image formats that could allow remote code
execution on an affected system. The vulnerability is documented in this
bulletin in its own section.

If a user is logged on with administrator privileges, an attacker who
successfully exploited this vulnerability could take complete control of
an affected system, including installing programs; viewing, changing, or
deleting data; or creating new accounts with full privileges. Users
whose accounts are configured to have fewer privileges on the system
would be at less risk than users who operate with administrative
privileges."

http://www.microsoft.com/technet/security/bulletin/ms04-028.mspx
-----------------------------------------------------------------------
This list is provided as an unmoderated internet service by Networked
Knowledge Systems (NKS). Views and opinions expressed in messages
posted are those of the author and do not necessarily reflect the
official policy or position of NKS or any of its employees.



This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 17:39:04 EDT