From: "Rich" 

This is a multi-part message in MIME format.

------=_NextPart_000_00D3_01C61701.CEBEBA50
Content-Type: text/plain;
        charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

   I am safe.  The issue is old and I don't remember the specifics =
enough to speculate on others.

   Going by eeye's claims, they aren't claiming the problem is =
exploitable.  Considering there aggressive self-promotion this suggests =
they don't know how.  Contrast this with the four quicktime bugs they =
just starter promoting or the two real player bugs they were promoting = in
November where they claim to be able to execute arbitrary code or = control
the program counter.

   If you search the internet you can find someone else who claims to =
have been looking at this before the bulletin release states

   The vulnerability may lead to remote code execution when specially =
crafted file
        is being parsed, however the exploitation is _hard_ due to the fact =
attacker
        doesn't control directly the data which will overwrite the heap =
block.
        However, it doesn't mean it can't be done :)


Rich

  "Mike N."  wrote in message =
news:6moas15aei42vld5qmlqaia6o00dbg2quc{at}4ax.com...
  Rich, were you, your family and  friends protected from MS06-002?   If =
so I
  want to know how.
     Thanks,
------=_NextPart_000_00D3_01C61701.CEBEBA50
Content-Type: text/html;
        charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable








   I am
safe.  =
The issue is old and I don't remember the =
specifics enough to=20
speculate on others.
 
   Going by
eeye's claims, =
they aren't=20
claiming the problem is exploitable.  Considering there
aggressive=20 self-promotion this suggests they don't know how. 
Contrast this = with the=20
four quicktime bugs they just starter promoting or the two real player = bugs they=20
were promoting in November where they claim to be able to execute = arbitrary code=20
or control the program counter.
 
   If you
search the internet =
you can=20
find someone else who claims to have been looking at this before the = bulletin=20
release states
 

   The vulnerability =
may lead to=20
  remote code execution when specially crafted file is being parsed, =
however=20
  the exploitation is _hard_ due to the fact attacker       doesn't =
control=20
  directly the data which will overwrite the heap block.    However, it =
doesn't=20
  mean it can't be done
:)
 
Rich
 

  "Mike N." <mike{at}u-spam-u-die.net>">mailto:mike{at}u-spam-u-die.net">mike{at}u-spam-u-die.net>
=
wrote in=20
  message news:6moas15aei4=
2vld5qmlqaia6o00dbg2quc{at}4ax.com...Rich,=20
  were you, your family and  friends protected from =
MS06-002?  =20
  If so Iwant to know how.   =
Thanks,

------=_NextPart_000_00D3_01C61701.CEBEBA50--

--- BBBS/NT v4.01 Flag-5