[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] BO in http://rad.msn.com/ADSAdClient31.dll

To: Dan Becker <geggam@xxxxxxxxx>
Subject: Re: [Full-disclosure] BO in http://rad.msn.com/ADSAdClient31.dll
From: Thierry Zoller <Thierry@xxxxxxxxxxxx>
Date: Thu, 31 Mar 2005 22:14:18 +0200

Dear Dan Becker,


DB>  view the source ... its an img tag
I haven't said otherwise.

We are speaking about a (yet to be proven) BufferOverflow and you
send a string the dll produces t some stage...

Scott Edwards asked for "the actual dll" as reply you send a file
which in fact is just a string. We (would) need binary here for it to
be usefull.


-- 
Thierry Zoller


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- Re: [Full-disclosure] BO in http://rad.msn.com/ADSAdClient31.dll
  - From: Dan Becker
- Re: [Full-disclosure] BO in http://rad.msn.com/ADSAdClient31.dll
  - From: Thierry Zoller
- Re: [Full-disclosure] BO in http://rad.msn.com/ADSAdClient31.dll
  - From: Dan Becker

Prev by Date: Re: [Full-disclosure] BO in http://rad.msn.com/ADSAdClient31.dll
Next by Date: [Full-disclosure] BIOS Hacking?
Previous by thread: Re: [Full-disclosure] BO in http://rad.msn.com/ADSAdClient31.dll
Next by thread: Re: [Full-disclosure] BO in http://rad.msn.com/ADSAdClient31.dll
Index(es):
- Date
- Thread