[prev in list] [next in list] [prev in thread] [next in thread]
List: full-disclosure
Subject: Re: [Full-disclosure] BO in http://rad.msn.com/ADSAdClient31.dll
From: Thierry Zoller <Thierry () sniff-em ! com>
Date: 2005-03-31 20:14:18
Message-ID: 1303254690.20050331221418 () Sniff-em ! com
[Download RAW message or body]
Dear Dan Becker,
DB> view the source ... its an img tag
I haven't said otherwise.
We are speaking about a (yet to be proven) BufferOverflow and you
send a string the dll produces t some stage...
Scott Edwards asked for "the actual dll" as reply you send a file
which in fact is just a string. We (would) need binary here for it to
be usefull.
--
Thierry Zoller
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic