Computer Security
[EN] no-pyccku

Related information

  Microsoft Windows Explorer DoS

  Explorer WMF File Denial Of Service

From:3APA3A <3APA3A_(at)>
Subject:Few unreported vulnerabilities by SehaTo

Hello lists,

SehaTo  (sehato at yandex ru) reported few vulnerabilities in different
Windows  applications.  Original  messages (in Russian) may be found at

1. Microsoft Windows Explorer corrupted WMF vulnerability

Windows   explorer  (explorer.exe)  crashes  on  browsing  folder  with
corrupted WMF files.

SecurityVulns  note:  from  the very fast debugging results analysis on
Windows  XP  SP2, there is potential code execution possibility (memory
corruption),  because  attacker-controllable  data  is used to contruct
both  read  and write memory addresses. Deeper research of exploitation
possibility was not performed.

2. IfranView / Microsoft Office 2003 malformed WMF crash

IfranView  crashes  on  attempt to view malformed WMF, Microsoft Office
crashes on attempt to insert corrupted WMF file.

SecurityVulns note: because of relatively low impact, SecurityVulns did
no research on this vulnerability.

3. 2 different Microsoft Excel DoS conditions

2 different crashes in Microsoft Excel on parsing .XLS files (corrupted
XML and corrupted XLS formats).

SecurityVulns  note: vulnerabilities confirmed on Microsoft Excel 2003.
Both   vulnerabilities  are  of  NULL-pointer  dereference  type.  Code
execution is probably impossible.


About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod