Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Computer Security > DiamondCS JpegScan

Reply
Thread Tools

DiamondCS JpegScan

 
 
Rod S
Guest
Posts: n/a
 
      10-24-2004
Program to scan for Jpeg exploit....

http://www.diamondcs.com.au/jpegscan/

What is the MS04-028 JPEG exploit?
On September 14 2004, Nick DeBaggis discovered a buffer overrun
vulnerability in gdiplus.dll - a library used by many common applications
(including most Microsoft applications) for viewing JPEG images. Subsequent
analysis by the eEye team confirmed that the vulnerability could be
exploited to execute arbitrary code, allowing an attacker to gain control of
a remote system simply by enticing the victim to look at a specially-crafted
JPEG image. MS04-028 is the tracking code assigned by Microsoft to this
specific vulnerability.


 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Are Diamondcs.com utilities the new Sysinternals? bettersolutiion@lookingnow.org Computer Support 0 12-22-2006 09:06 AM
DiamondCS Mike Saunders Computer Security 2 05-08-2004 10:49 AM



Advertisments