Re: Executable installers are vulnerable^WEVIL (case 20): TrueCrypt's installers allow arbitrary (remote) code execution and escalation of privilege

January 15, 2016 007admin Leave a comment

Posted by Stefan Kanthak on Jan 15

“Michel Arboi” <michel.arboi () gmail com> wrote:

See <http://seclists.org/oss-sec/2016/q1/58> alias CVE-2016-1281

And see <http://seclists.org/fulldisclosure/2015/Nov/101> again:

| almost all executable installers (and self-extractors as well
| as “portable” applications too) for Windows have a well-known
| (trivial, trivial to detect and trivial to exploit) vulnerability:

and has a vulnerable installer,…

007 Software

Re: Executable installers are vulnerable^WEVIL (case 20): TrueCrypt's installers allow arbitrary (remote) code execution and escalation of privilege

Leave a Reply Cancel reply

Software and Security Information