Full Disclosure mailing list archives
Re: [SVRT-05-08] Critical BoF vulnerability found in ffdshow affecting all internet browsers (SVRT-Bkis)
From: Eygene Ryabinkin <rea-sec () codelabs ru>
Date: Tue, 25 Nov 2008 13:51:20 +0300
Good day. Mon, Nov 24, 2008 at 03:17:05PM +0700, svrt wrote:
In Oct 2008, SVRT-Bkis has detected a serious buffer overflow vulnerability in ffdshow which affects all available internet browsers.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Really? And links, elinks, lynx, dillo and others are affected too? What about my Firefox that (I assume) has no ffdshow code inside it and there are no ffdshow-related plugins coupled to it? Is it vulnerable? I am really appreciate that you're searching for the issues and releasing advisories -- thanks for doing this! But, please, use the appropriate wording, or your advisories will lead to controversial feelings. Sorry for being a bit bluffy :( -- Eygene _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- [SVRT-05-08] Critical BoF vulnerability found in ffdshow affecting all internet browsers (SVRT-Bkis) svrt (Nov 24)
- Re: [SVRT-05-08] Critical BoF vulnerability found in ffdshow affecting all internet browsers (SVRT-Bkis) Nam Nguyen (Nov 24)
- Re: [SVRT-05-08] Critical BoF vulnerability found in ffdshow affecting all internet browsers (SVRT-Bkis) Eygene Ryabinkin (Nov 25)