gdiplus.pl.txt

!/bin/perl 0-day crash poc gdiplus.dll by Mr.Niega Check out hex offset 2e play with the 2byte's, set it to 20 if you want a non crashing ico file Division by zero this POC tested with: win XP ENG sp2 And for SYS 49152 im that 0daysec guy ; Rename Poc.ico to Poc.png and have it as display picture...

CVE-2002-0500

Internet Explorer 5.0 through 6.0 allows remote attackers to determine the existence of files on the client via an IMG tag with a dynsrc property that references the target file, which sets certain elements of the image object such as file size...

CVE-2002-0500

The CVE-2002-0500 entry describes a vulnerability in Internet Explorer 5.0–6.0 where a remote attacker can determine the existence of local files on a client by abusing an IMG tag with a dynsrc attribute that references the target file, causing the image object to reveal information such as file ...

CVE-2002-0500

Internet Explorer 5.0 through 6.0 allows remote attackers to determine the existence of files on the client via an IMG tag with a dynsrc property that references the target file, which sets certain elements of the image object such as file size...

Retrieving information on local files in IE (GM#003-IE)

GreyMagic Security Advisory GM003-IE ===================================== By GreyMagic Software, Israel. 27 Mar 2002. Available in HTML format at http://security.greymagic.com/adv/gm003-ie/. Topic: Retrieving information on local files in IE. Discovery date: 18 Feb 2002. Affected applications:...