[Full-disclosure] AOL YGP Picture Editor YGPPicEdit.dll Multiple Buffer Overflows

[reepex]

On Dec 25, 2007 5:29 PM, Elazar Broad <elazarb at earthlink.net> wrote:

> The AOL YGP Picture Editor Control(AIM PicEditor Control) version 9.5.1.8suffers from multiple exploitable buffer overflows in various properties.
> This object is marked safe for scripting. I have not tested other versions.
> PoC as follows:
>


How does a bunch of 'A's prove something is exploitable?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20071225/71a9be38/attachment.html