Full Disclosure

Re: Executable installers are vulnerable^WEVIL (case 15):F-SecureOnlineScanner.exe allows arbitrary (remote) codeexecution and escalation of privilege

December 31, 2015 007admin Leave a comment

Posted by Stefan Kanthak on Dec 31

Mitja Kolsek <lists () acrossecurity com> wrote:

About 4 years earlier Microsoft published
<https://technet.microsoft.com/en-us/library/953818.aspx> in response
to <http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2540>,
and Will Dormann from CERT/CC published
<https://insights.sei.cmu.edu/cert/2008/09/carpet-bombing-and-directory-poisoning.html>
a little later.

I’d rather say that Microsoft didn’t…

Leave a Reply Cancel reply

You must be logged in to post a comment.

Software and Security Information