- 2/17/04 03:13 pm
From a link posted in the comments at www.pods.lv.
Well, not even a week has passed since the Windows source code leaked, and the first fruits are already visible:
Microsoft Internet Explorer Integer Overflow in Processing Bitmap Files Lets Remote Users Execute Arbitrary Code,
If I understand this description correctly, then when the browser (IE 5.) downloads a suitably crafted bitmap, we can launch any process on that person's computer with the same rights the user had when viewing the web page, ... painful ...
From the e-mail announcement by the person who found the bug: ... Rrrrriiiiggghhhttt. Way to go, using a signed integer for an
offset. Now all we have to do is create a BMP with bfOffBits > 2^31,
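
The signed-offset mistake the quoted e-mail points at, shown as an added C example (not code from the original post, the advisory, or Microsoft's source): a bounds check on `bfOffBits` done with a signed integer next to the same check done unsigned. The function names and the 64-byte constructed sample header are assumptions made for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

#define BMP_FILE_HDR_LEN 14u  /* BITMAPFILEHEADER size; bfOffBits is at byte 10 */

/* Read a little-endian 32-bit field. */
static uint32_t rd32le(const uint8_t *p) {
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Flawed pattern (illustrative): bfOffBits kept in a signed 32-bit int.
   Any value of 2^31 or more becomes negative and passes the upper bound. */
int offset_ok_signed(const uint8_t *file, size_t len) {
    uint32_t raw;
    int32_t off;
    if (len < BMP_FILE_HDR_LEN || len > INT32_MAX) return 0;
    raw = rd32le(file + 10);
    memcpy(&off, &raw, sizeof off);   /* reinterpret bits as signed */
    return off <= (int32_t)len;       /* negative offset is accepted */
}

/* Hardened check: keep the field unsigned and bound it on both sides. */
int offset_ok_unsigned(const uint8_t *file, size_t len) {
    uint32_t off;
    if (len < BMP_FILE_HDR_LEN) return 0;
    if (file[0] != 'B' || file[1] != 'M') return 0;
    off = rd32le(file + 10);
    return off >= BMP_FILE_HDR_LEN && (size_t)off < len;
}

/* Constructed 64-byte sample header (not a real image) with a chosen
   bfOffBits; returns the verdict of the signed or the unsigned check. */
int check_sample(uint32_t off_bits, int hardened) {
    uint8_t f[64] = { 'B', 'M' };
    f[10] = (uint8_t)off_bits;
    f[11] = (uint8_t)(off_bits >> 8);
    f[12] = (uint8_t)(off_bits >> 16);
    f[13] = (uint8_t)(off_bits >> 24);
    return hardened ? offset_ok_unsigned(f, sizeof f)
                    : offset_ok_signed(f, sizeof f);
}

int main(void) {
    /* 54 is an ordinary offset; 0x80000001 is above 2^31. */
    return !(check_sample(54, 0) && check_sample(0x80000001u, 0) &&
             check_sample(54, 1) && !check_sample(0x80000001u, 1));
}
```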