Recent gdi32.dll vulnerabilities discovered by @j00ru lack a valid vector (selfhack?). Tons of issues there if allowed to write your own app
-
-
Replying to @hosselot
Disagree. CVE-2016-0168 and parts of CVE-2016-0169 are trivially exploitable in Internet Explorer.
2 replies 0 retweets 1 like -
The only requirement for CVE-2016-0170 and other parts of CVE-2016-0169 is that an EMF is played to a printer HDC, [cont]
1 reply 0 retweets 1 like -
a possibility which was not investigated thoroughly, but seems very likely to occur in many GDI clients.
2 replies 0 retweets 1 like
This is also in line with Microsoft's assessment.
3:24 AM - 18 May 2016
0 replies
0 retweets
0 likes
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.