Re: [FD] Executable installers are vulnerable^WEVIL (case 15): F-SecureOnlineScanner.exe allows arbitrary (remote) code execution and escalation of privilege

2015-12-26 Thread Stefan Kanthak
"Shawn McMahon" wrote:
> On Wed, Dec 23, 2015 at 7:13 AM, Stefan Kanthak
> wrote:
>
>> Hi @ll,
>>
>> F-Secure's online virus scanner F-SecureOnlineScanner.exe, available
>> via ,
>> loads and executes several rogue/bogus DLLs (UXTheme.

Re: [FD] Executable installers are vulnerable^WEVIL (case 15): F-SecureOnlineScanner.exe allows arbitrary (remote) code execution and escalation of privilege

2015-12-23 Thread Justin Ferguson
I'd mostly argue this is a user problem given that many things you probably shouldn't be running out of your downloads directory, which is the crux of his base argument. That said, it's not reasonable to expect users to entirely grok the nuances of such things, and so the easiest fix is probably for

Re: [FD] Executable installers are vulnerable^WEVIL (case 15): F-SecureOnlineScanner.exe allows arbitrary (remote) code execution and escalation of privilege

2015-12-23 Thread NaxoneZ .
I think like Shawn, this is a SO problem:
https://msdn.microsoft.com/es-es/library/windows/desktop/ff919712(v=vs.85).aspx
Anyway the developers can mitigate this issue following the guidelines described in the article.
Regards.
2015-12-23 16:32 GMT+01:00 Shawn McMahon:
> On Wed, Dec 23, 2015 at 7

Re: [FD] Executable installers are vulnerable^WEVIL (case 15): F-SecureOnlineScanner.exe allows arbitrary (remote) code execution and escalation of privilege

2015-12-23 Thread Shawn McMahon
On Wed, Dec 23, 2015 at 7:13 AM, Stefan Kanthak wrote:
> Hi @ll,
>
> F-Secure's online virus scanner F-SecureOnlineScanner.exe, available
> via ,
> loads and executes several rogue/bogus DLLs (UXTheme.dll, HNetCfg.dll,
> RASAdHlp.dll, Se

[FD] Executable installers are vulnerable^WEVIL (case 15): F-SecureOnlineScanner.exe allows arbitrary (remote) code execution and escalation of privilege

2015-12-23 Thread Stefan Kanthak
Hi @ll, F-Secure's online virus scanner F-SecureOnlineScanner.exe, available via , loads and executes several rogue/bogus DLLs (UXTheme.dll, HNetCfg.dll, RASAdHlp.dll, SetupAPI.dll, ClbCatQ.dll, XPSP2Res.dll, CryptNet.dll, OLEAcc.dll etc.