For XP users only:
TITLE: Microsoft Windows Image Rendering Denial of Service Vulnerability
SECUNIA ADVISORY ID: SA15064
RELEASE DATE: 2005-04-22
VERIFY ADVISORY: http://secunia.com/advisories/15064/
CRITICAL: Less critical
WHERE: From remote
IMPACT: DoS
OPERATING SYSTEM: Microsoft Windows XP Home Edition Microsoft Windows XP Professional
DESCRIPTION:
Andrew has discovered a vulnerability in Windows, which can be exploited by malicious people to cause a DoS (Denial of Service).
The vulnerability is caused due to an error in the image rendering for overly large images. This can e.g. be exploited to crash a vulnerable system when a user views an image with overly large HTML size attributes in e.g. Internet Explorer.
The vulnerability has been confirmed on a fully patched Microsoft Windows XP SP2 system. Other versions may also be affected.
SOLUTION:
Do not view HTML content from untrusted sources while running critical applications.
Grant only trusted users access to affected systems.
REPORTED BY CREDITS: Andrew
Peter Kaulback -- -- I haven't failed, I've found 10,000 ways that don't work.
Thomas Edison (1847-1931) ============= PCWorks Mailing List ================= Don't see your post? Check our posting guidelines & make sure you've followed proper posting procedures, http://pcworkers.com/rules.htm Contact list owner <[EMAIL PROTECTED]> Unsubscribing and other changes: http://pcworkers.com =====================================================
