[NEWS] Image Causes Exploitable Overflow in Microsoft Products

[Mr.Guvernment]

Is it just me or does MS always say that "trigger a buffer overflow " for all of their issues they find? it is always it seems a buffer overflow issue....

+--------------------------------------------------------------------+
| Image Causes Exploitable Overflow in Microsoft Products |
| from the that's-a-spicy-picture dept. |
| posted by Zonk on Friday February 11, @15:10 (Security) |
| http://it.slashdot.org/article.pl?sid=05/02/11/1926227 |
+--------------------------------------------------------------------+

[0]Em Adespoton writes "Core Security researchers discovered that by electing a specially-crafted graphic as the user's display picture in MSN Messenger, an attacker could [1]trigger a buffer overflow vulnerability on the chat partner's computer. Through this, it is possible to covertly take over machines running instant messaging software. Windows Messenger and Windows Media Player are also affected by this vulnerability. The story is also available at [2]Newsfactor.com and [3]SearchSecurity.com."

Discuss this story at:
http://it.slashdot.org/comments.pl?sid=05/02/11/1926227

Links:
0. mailto:[email protected]
1. http://www.techtree.com/techtree/jsp/showstory.jsp?storyid=57598
2. http://www.newsfactor.com/story.xht...enger-Exploit-Code-Goes-Public&story_id=30397
3. http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci1053012,00.html

 

[dicecca112]

yeah wasn't there just a fix for a image buffer overflow issue?

 

[L337 M33P]

The same buffer overflow vulnerability also exists in Opera. No updates yet