Bugtraq mailing list archives
ISS BlackICE PC Protection DLL faking of run-time linked libraries Vulnerability
From: David Matousek <david () matousec com>
Date: Tue, 01 Aug 2006 11:57:56 +0200
BlackICE does not protect pamversion.dll in its installation directory. And also because its component protection fails to protect BlackICE processes this can be misused to inject fake DLL into BlackICE service. The whole advisory with more details and source code is available here http://www.matousec.com/info/advisories/BlackICE-DLL-faking-of-run-time-linked-libraries.php Regards, -- David Matousek Founder and Chief Representative of Matousec - Transparent security http://www.matousec.com/
Current thread:
- ISS BlackICE PC Protection DLL faking of run-time linked libraries Vulnerability David Matousek (Aug 01)