Hi Thomas, my post is not to intend for malicious activities. In report I write that is usually for rc stage, discovery condition of this kind. Usually these ancient bugs, IMHO, may be used for support analysis based on binary diff using the historical releases of an application for obtain a delta of "critical" zone. But, again, it's only my opinion.
Thank you for your answer. Kind regards. On Wed, Sep 2, 2009 at 10:27 PM, Thomas Kristensen <[email protected]> wrote: > Hi, > > Thank you for the report. > > Based on the provided information, this is not a security issue (as > securityfocus wrongfully hasted to conclude), but rather a bug (in an > ancient > release candidate). > > If you have any further details, please send those to > [email protected]. > > -- > Kind regards, > > Thomas Kristensen > CTO > > Secunia > Weidekampsgade 14A > DK-2300 Copenhagen S > Denmark > > Phone: +45 7020 5144 > Fax: +45 7020 5145 > > Looking for a vulnerability research and reversing job? > http://secunia.com/corporate/jobs/open_positions/ > > > On Wed, 2009-09-02 at 21:15 +0200, exploit dev wrote: > > Hi > > I have detect, in some circumstance, a memory corruption issue in > > Secunia PSI (release candidate 3). > > The vendor was contacted without response. > > > > ...I know that this kind of issues in release candidate are not so > > rare but if you are interested check: > > > > > http://extraexploit.blogspot.com/2009/09/secunia-psi-rc3-undefined-memory.html > > > > > > Regards > > _______________________________________________ > > Full-Disclosure - We believe in it. > > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > > Hosted and sponsored by Secunia - http://secunia.com/ > > --
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
