16 Jan
2006
16 Jan
'06
7:53 p.m.
We do not have SetAbortProc implement at all.
With other word it is unimplement. And it is nothing to
be worry for.
----- Original Message -----
From: "Sylvain Petreolle" <spetreolle(a)yahoo.fr>
To: "ReactOS Development List" <ros-dev(a)reactos.org>
Sent: den 16 January 2006 15:32
Subject: RE: [ros-dev] WMF Bug / SetAbortProc
Wine isnt anymore vulnerable to the WMF exploit,
its fixed in the CVS.
Next step has to be a gdi sync.
first try:
http://www.winehq.org/pipermail/wine-patches/2006-January/023208.html
actual patch
http://www.winehq.org/pipermail/wine-patches/2006-January/023232.html
potential NULL pointer dereference:
http://www.winehq.org/pipermail/wine-patches/2006-January/023447.html
--- M Bealby <mbealby(a)gmail.com> a écrit :
In case you've had you're head in the sand
recently I'm sure you must
know about the recent WMF bug found in all recent versions of Windows.
The vulnerable function is in SetAbortProc and can be called from a
malicious WMF file as they include executable code by definition.
Windows automatically runs this a WMF file when previewing /
displaying - including from a web page!
WINE is also vulnerable, and still is. However, from a brief look at
Kind regards,
Sylvain Petreolle (aka Usurp)
--- --- --- --- --- --- --- --- --- --- --- --- ---
Tired of a proprietary Windows on your computer ?
Use free ReactOS instead ( http://www.reactos.org )
_______________________________________________
Ros-dev mailing list
Ros-dev(a)reactos.org
http://www.reactos.org/mailman/listinfo/ros-dev