Re: [Full-disclosure] AOL YGP Picture Editor YGPPicEdit.dll Multiple Buffer Overflows

---

• From: Valdis.Kletnieks@xxxxxx
• Date: Thu, 27 Dec 2007 13:11:03 -0500

---

On Thu, 27 Dec 2007 10:05:08 EST, Elazar Broad said:

After some more analysis by Carsten Eiram @ Secunia, this is NOT exploitable.
I would like to apologize for the hasty post. SecurityFocus, please update bid
27026 to reflect the fact that at most, this can just crash the browser.

And sometimes you get stuck at 95% of the way there. ;)

Attachment: pgp5aQwVG9ciA.pgp
Description: PGP signature

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

---

• References:
  • Re: [Full-disclosure] AOL YGP Picture Editor YGPPicEdit.dll Multiple Buffer Overflows
    • From: Elazar Broad

• Prev by Date: [Full-disclosure] Multiple vulnerabilities in libnemesi 0.6.4-rc1
• Next by Date: Re: [Full-disclosure] AOL YGP Picture Editor YGPPicEdit.dll Multiple Buffer Overflows
• Previous by thread: Re: [Full-disclosure] AOL YGP Picture Editor YGPPicEdit.dll Multiple Buffer Overflows
• Next by thread: Re: [Full-disclosure] AOL YGP Picture Editor YGPPicEdit.dll Multiple Buffer Overflows
• Index(es):
  • Date
  • Thread

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > Full-Disclosure  > 2007-12