Posted by SkyLined on March 8th, 2010 in Browsers, Internet Explorer, Repro and Security ·
Quoting http://msdn.microsoft.com/en-us/library/aa930622.aspx:
typedef struct tagBITMAPINFOHEADER {
DWORD biSize;
LONG biWidth;
LONG biHeight;
WORD biPlanes;
WORD biBitCount
DWORD biCompression;
DWORD biSizeImage;
LONG biXPelsPerMeter;
LONG biYPelsPerMeter;
DWORD biClrUsed;
DWORD biClrImportant;
} BITMAPINFOHEADER;
“If the bitmap is a packed bitmap (a bitmap in which the bitmap array immediately follows the BITMAPINFO header and is referenced by a single pointer), the biClrUsed member must be either zero or the actual size of the color table.”
ANI files stores each frame of the animated cursor as a packed bitmap inside the ANI file…
Posted by SkyLined on January 20th, 2010 in Browsers, Internet Explorer, JavaScript, Programming Languages, Repro and Security ·
Two crashes caused by NULL pointer dereferences have been discovered in MSIE 6.0/7.0. These issues do not affect MSIE 8.0…
Posted by SkyLined on October 13th, 2009 in Browsers, Firefox, Plugins, Repro and Security ·
(a.k.a. CVE-2009-2983)
Adobe fixed a bug in various COM objects. Loading and unloading these objects in a webpage in Firefox allows memory corruption, which can be exploited to execute arbitrary code…
Posted by SkyLined on October 13th, 2009 in Browsers, Internet Explorer, Repro and Security ·
(a.k.a. MSRC 8769, MS09-054, CVE-2009-1547, “Data Stream Header Corruption Vulnerability”)
Microsoft fixed a bug in Internet Explorer’s “Content-Encoding:deflate” implementation…
