[VIM] VUPEN Security Research - Microsoft Windows Shell Graphics BMP "width" Integer Overflow Vulnerability
security curmudgeon
jericho at attrition.org
Mon May 23 16:18:15 CDT 2011
: VUPEN Security Research - Microsoft Windows Shell Graphics BMP "width"
: Integer Overflow Vulnerability
: The vulnerability is caused by an integer overflow error in the Windows
: Shell graphics processor when parsing the "width" value within BMP
: images, which could be exploited by remote attackers to compromise a
: vulnerable system by tricking a user into opening or previewing a
: malformed Office file or browsing to a network share, UNC, or WebDAV
: location containing a specially crafted image.
: Apply the MS11-006 security update.
: http://www.vupen.com/english/advisories/2011/0018
: http://www.microsoft.com/technet/security/bulletin/MS11-006.mspx
The MS11-006 advisory only crosses to CVE-2010-3970. This was originally
disclosed 2010-12-15 during a presentation called 'A Vulnerability in My
Heart' by Moti & Xu Hao. It was further written about by Dan Goodin of The
Register on 2011-01-04. The conference it was presented at was actually
sponsored by VUPEN, among others.
I am curious about your disclosure timeline:
: 2011-01-15 - Vulnerability Discovered by VUPEN
Is this correct? You discovered it almost a month later, and published
less details in your advisory than iDefense did on 2011-02-08?
Brian
OSVDB.org
More information about the VIM
mailing list