subject:"\[FD\] Executable installers are vulnerable\^WEVIL \(case 46\)\: Pelles C allows arbitrary code execution"

Re: [FD] Executable installers are vulnerable^WEVIL (case 46): Pelles C allows arbitrary code execution

2017-01-24 Thread Stefan Kanthak

"Ding Dong" wrote: Please stop top posting and full quotes! > Can you elaborate a bit on what special treatment windows gives installeres > named setup.exe? Run "NTSD.exe setup.exe" and see which DLLs Windows loads, and how they are loaded. Rename setup.exe to something.exe, run "NTSD.exe somet

Re: [FD] Executable installers are vulnerable^WEVIL (case 46): Pelles C allows arbitrary code execution

2017-01-23 Thread Ding Dong

Can you elaborate a bit on what special treatment windows gives installeres named setup.exe? On 21 January 2017 at 20:37, Stefan Kanthak wrote: > Hi @ll, > > the executable installers of "Pelle's C", > and, >

[FD] Executable installers are vulnerable^WEVIL (case 46): Pelles C allows arbitrary code execution

2017-01-22 Thread Stefan Kanthak

Hi @ll, the executable installers of "Pelle's C", and, , available from , are vulnerable to DLL hijacking: they load (tested on Windows 7) at least the fol