[VIM] "Google" vulnerable to WMF?

Matthew Murphy mattmurphy at kc.rr.com
Fri Jan 13 23:24:01 EST 2006


-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

security curmudgeon wrote:
> 
> http://www.kb.cert.org/vuls/id/181038
> 
> Systems Affected
> 
> Vendor        Status        Date Updated
> 
> Google        Vulnerable    30-Dec-2005
> IrfanView    Vulnerable    4-Jan-2006
> Lotus Software    Unknown        4-Jan-2006
> Microsoft    Vulnerable    5-Jan-2006
> Mozilla, Inc.    Unknown        28-Dec-2005
> XnView        Vulnerable    4-Jan-2006

Google's "Desktop Search" products uses the susceptible component to
"size down" images for display when returning search results.  As a
result of this sizing down, the WMF exploit may be executed.

- --
"Social Darwinism: Try to make something idiot-proof,
nature will provide you with a better idiot."

                                -- Michael Holstein
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (MingW32)

iD8DBQFDyHzhfp4vUrVETTgRAwR6AJ9uc/qmntgmAmvCuTBW80ljGAVgZQCgm1R7
2j/x+TtpA02xKfekY0N6qzU=
=5GxD
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3436 bytes
Desc: S/MIME Cryptographic Signature
Url : http://www.attrition.org/pipermail/vim/attachments/20060113/cc820dec/attachment.bin 


More information about the VIM mailing list