--On Tuesday, February 24, 2009 2:42 PM -0500 "Kevin A. McGrail" <kmcgr...@pccc.com> wrote:

I don't know.  I don't think many people have much information about the
exploit.

The blog link I posted earlier indicates that it's the jbig2 decompression code that fails with a crafted jbig2 object, and shows how to trigger it. JavaScript is used to get malicious code onto the heap so that when the object is decompressed, it crashes into the code. So even if you disable JS, you still get a crash, just not an easy way to get it to jump to code the attacker controls.

The patch (in the form of a replacement DLL) addresses the bug in the decompressor, and causes a popup error message instead.

_______________________________________________
NOTE: If there is a disclaimer or other legal boilerplate in the above
message, it is NULL AND VOID.  You may ignore it.

Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
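
For a mail filter, one coarse way to act on the description above is to hold PDF attachments that declare a JBIG2 stream until readers are patched. The Python sketch below is an added example, not code from this thread or from MIMEDefang; the function names and the sample PDFs are constructed for illustration.

```python
import re

# PDF names may spell any character as #xx (two hex digits),
# so /JBIG#32Decode is the same name as /JBIG2Decode.
_HEX_ESCAPE = re.compile(rb"#([0-9A-Fa-f]{2})")
# A name token: '/' followed by characters that are not whitespace or delimiters.
_NAME = re.compile(rb"/([^\x00\t\n\x0c\r ()<>\[\]{}/%]+)")


def decode_pdf_name(raw):
    """Undo #xx escapes in a PDF name token (given without its leading slash)."""
    return _HEX_ESCAPE.sub(lambda m: bytes([int(m.group(1), 16)]), raw)


def find_jbig2_filters(data):
    """Return the byte offsets of every name that decodes to JBIG2Decode."""
    return [m.start() for m in _NAME.finditer(data)
            if decode_pdf_name(m.group(1)) == b"JBIG2Decode"]


def should_quarantine(data):
    """Hypothetical policy: hold anything that looks like a PDF and uses JBIG2."""
    looks_like_pdf = b"%PDF-" in data[:1024]
    return looks_like_pdf and bool(find_jbig2_filters(data))


# Constructed sample inputs (minimal fragments, not real documents).
_TAIL = b" >>\nstream\n\nendstream\nendobj\n"
PLAIN = b"%PDF-1.4\n1 0 obj\n<< /Length 0 /Filter /JBIG2Decode" + _TAIL
ESCAPED = b"%PDF-1.4\n1 0 obj\n<< /Length 0 /Filter /JBIG#32Decode" + _TAIL
ARRAY = b"%PDF-1.4\n1 0 obj\n<< /Length 0 /Filter [/FlateDecode/JBIG2Decode]" + _TAIL
CLEAN = b"%PDF-1.4\n1 0 obj\n<< /Length 0 /Filter /FlateDecode" + _TAIL

if __name__ == "__main__":
    for label, sample in [("plain", PLAIN), ("escaped", ESCAPED),
                          ("array", ARRAY), ("clean", CLEAN)]:
        print(label, should_quarantine(sample), find_jbig2_filters(sample))
```

A hit only means the attachment declares a JBIG2 stream, not that the stream is malformed, so this is a hold-for-review rule rather than a verdict.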
