16 Jan
2006
16 Jan
'06
2:32 p.m.
Wine isnt anymore vulnerable to the WMF exploit,
its fixed in the CVS.
Next step has to be a gdi sync.
first try:
http://www.winehq.org/pipermail/wine-patches/2006-January/023208.html
actual patch
http://www.winehq.org/pipermail/wine-patches/2006-January/023232.html
potential NULL pointer dereference:
http://www.winehq.org/pipermail/wine-patches/2006-January/023447.html
--- M Bealby <mbealby(a)gmail.com> a écrit :
In case you've had you're head in the sand
recently I'm sure you must
know about the recent WMF bug found in all recent versions of Windows.
The vulnerable function is in SetAbortProc and can be called from a
malicious WMF file as they include executable code by definition.
Windows automatically runs this a WMF file when previewing /
displaying - including from a web page!
WINE is also vulnerable, and still is. However, from a brief look at
Kind regards,
Sylvain Petreolle (aka Usurp)
--- --- --- --- --- --- --- --- --- --- --- --- ---
Tired of a proprietary Windows on your computer ?
Use free ReactOS instead ( http://www.reactos.org )