The following simple payload from the project can be included in any of these files to execute code when reading an XPS file:
It is also possible to use other extensions as long as the appropriate types have been defined in the “. NET is used to process a number of XML documents within the XPS files.Ī sample XPS file structure can look like this: File.xps\DiscardControl.xmlįile.xps\Documents\1\Pages\_rels\1.fpage.relsįile.xps\Documents\1\_rels\įile.xps\Metadata\Job_PT-inq圓ql9shqm2dc_mcqr93k5g.xmlįile.xps\Metadata\SharedEmpty_PT-cn4rss5oojtjhxzju9tpamz4f.xmlįile.xps\Resources\Fonts\0D7703BF-30CA-4254-ABA0-1A8892E2A101.odttfįile.xps\Resources\Images\00F8CA61-B050-4B6A-AFEF-139AA015AC08.pngįile.xps\_rels\įiles with the “.fdseq”, “.fdoc”, and “.fpage” use the XAML serialisation process in. Technical AnalysisĮach XPS file contains a number of files such as images, fonts, or XML contents in compressed format. The identified issues could also be helpful as bridged gadgets when exploiting XAML deserialisation related issue. The patched issue could be useful to exploit any code that deals with the XPS file using. NET to show the XPS files and therefore it was not affected. In addition to this the XPS Viewer application does not use. Microsoft has made the XPS Viewer application optional in the latest versions of Windows 10 by default (a clean install of Windows 10 version 1803 or above). XPS files are used as a replacement for the PDF format, but it has never become as widespread as PDF. Although the patch for CVE-2020-0605 was released in January 2020, it was incomplete and an additional update was released in May 2020. Microsoft patched a number of deserialisation issues using the XPS files.
0 kommentar(er)
