Full Disclosure

Re: Executable installers are vulnerable^WEVIL (case 15): F-SecureOnlineScanner.exe allows arbitrary (remote) code execution and escalation of privilege

Leave a comment

Posted by Stefan Kanthak on Dec 26

“Shawn McMahon” <syberghost () gmail com> wrote:

0. why was F-Secure able to fix their bugs in their program?

1. which of the DLLs are loaded by the OS, which are loaded by their program?

2. what’s (not) wrong with
a) the OS?
b) <https://blogs.msdn.microsoft.com/oldnewthing/20101111-00/?p=12303>?
c) ALL executable installers and self-extractors?
d) <https://cwe.mitre.org/data/definitions/426.html>…

Leave a Reply