Bugtraq mailing list archives
Re: about zlib vulnerability - Microsoft products
From: "Davis Ray Sickmon, Jr" <midryder () midnightryder com>
Date: Thu, 14 Mar 2002 16:25:26 -0600
Microsoft is also using zlib in a couple of products. MS Office, IE, Front Page, DirectX (dunno what versions yet), MSN Messenger, and the next gen GDI on XP. Vulnerability? : "Microsoft representatives said that the software giant's security response team is investigating the zlib flaw and that some Microsoft applications use code from that compression library. However, the team hasn't yet determined which applications use the library and whether those applications are vulnerable." (From Cnet's News.Com article - http://news.com.com/2100-1001-860328.html ) Davis Ray Sickmon, Jr Owner, Midnight Ryder Technologies http://www.midnightryder.com ----- Original Message ----- From: "tele" <tele () duepi it> To: <bugtraq () securityfocus com> Sent: Wednesday, March 13, 2002 5:46 PM Subject: about zlib vulnerability
The vulnerable zlib 1.1.3 code can be even found on the freeswan 1.95 source tree and previous versions, therefore there's a potential vulnerability at kernel level; besides at the web site http://www.freeswan.org the problem is not properly treated. regards, -- eLv
Current thread:
- about zlib vulnerability tele (Mar 14)
- Re: about zlib vulnerability Paul Wouters (Mar 14)
- Re: about zlib vulnerability - Microsoft products Davis Ray Sickmon, Jr (Mar 14)