> Malformed zip causes heap corruption in MAME memory. A specially-crafted file could > be used to execute arbitrary code with the privileges of the logged-on user. > > I have an example that produces a crash, but it's 900kb large.
Question for you in light of R. Belmont's reply from a week ago on pretty much this exact topic: are you bringing this up because of a concern as to how MAME may affect the overall security stance of a system, or because it's something that you believe to be a valid bug and feel that as such it should receive attention?
Just mentioning this because one would likely be a more effective avenue to take than the other in terms of remedying the situation.
|