[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] iDEFENSE Security Advisory 04.12.05: Microsoft Windows CSRSS.EXE Stack Overflow Vulnerability
- To: full-disclosure@xxxxxxxxxxxxxxxxx
- Subject: Re: [Full-disclosure] iDEFENSE Security Advisory 04.12.05: Microsoft Windows CSRSS.EXE Stack Overflow Vulnerability
- From: monu@xxxxxxxxxxxx
- Date: Thu, 14 Apr 2005 10:03:47 +0200
Hello,
Beside the buffer overflow vulnerability, a DoS vulnerability is motioned as a
result of a CONSOLE_STATE_INFO struct containing all zero's (divide-by-zero).
Is this vulnerability also fixed MS05-018? MS05-018 doesn't say a word about it.
Thanks in advance,
-Monu
[This mail has been send from http://www.rootshell.be.]
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/