[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

GDI+ JPEG exploit

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: GDI+ JPEG exploit
From: <albatross@xxxxxx>
Date: 6 Oct 2004 08:00:06 -0000


The SANS is warning to a JPEG image with MS04-028 overflow that downloads and 
executes a jpeg.exe file. The program modifies the registry and installs in 
autorun. It notifies the compromise to an IRC server and waits for commands. 

http://isc.sans.org/diary.php?date=2004-10-05

albatross

Prev by Date: [Maxpatrol Security Advisory] Multiple vulnerabilities in DCP-Portal
Next by Date: Patch available for multiple high risk vulnerabilities in RealPlayer
Previous by thread: [Maxpatrol Security Advisory] Multiple vulnerabilities in DCP-Portal
Next by thread: Patch available for multiple high risk vulnerabilities in RealPlayer
Index(es):
- Date
- Thread