WAVCi: JPeG Vulnerability Exploit

Saturday, September 25, 2004

JPeG Vulnerability Exploit

As I reported earlier, a vulnerability, which allows code execution, has been found in Microsoft's GDI+ JPEG decoder. Microsoft has posted detailed information on the vulnerability and affected systems in MS04-028.
A proof-of-concept exploit which executes code on the victim's computer when opening a JPG file has been posted to a public website.

<< Home

: Name: Eddy Willems; Location: Brussels, Belgium

I am professionally occupied with security and malware research, consultancy, training, media and PR. I now work as Security Evangelist for G Data Software AG. Formerly I worked for Kaspersky Lab and NOXS(Westcon). I'm also the Director External Security Industry Relationships for the EICAR organisation (European Institute for Computer Anti Virus Research). You can find a more detailed BIO on my website www.wavci.com

View my complete profile

Subscribe to my WEBLOG
Feedburner feed

or
RSS feed

Sasser author hired by a German Security Company ...
Problems with JPG images
WavciLab inside
WavciLab outside
New variants of MyDoom
Testing the application
The Beginning

WAVCi

Saturday, September 25, 2004

JPeG Vulnerability Exploit

About Me

Previous Posts