Vulnerability Development mailing list archives
Re: Windows Vista winsat.exe Integer Overflow
From: Valdis.Kletnieks () vt edu
Date: Wed, 02 Apr 2008 22:33:07 -0400
On Wed, 02 Apr 2008 13:39:36 PDT, "Thor (Hammer of God)" said:
So, if you have someone who is going to run as administrator anyway, download the untrusted .exe, execute it, and then confirm the execution of the program without concern for what happens, we can't really fault the OS for that at this point in the game.
I wasn't faulting the OS - I was pointing out it's still a viable attack vector, despite the OS's best efforts to stop it.
Attachment:
_bin
Description:
Current thread:
- Re: Windows Vista winsat.exe Integer Overflow Valdis . Kletnieks (Apr 01)
- RE: Windows Vista winsat.exe Integer Overflow Thor (Hammer of God) (Apr 02)
- Re: Windows Vista winsat.exe Integer Overflow Valdis . Kletnieks (Apr 03)
- Message not available
- Re: Windows Vista winsat.exe Integer Overflow Valdis . Kletnieks (Apr 04)
- Re: Windows Vista winsat.exe Integer Overflow Valdis . Kletnieks (Apr 03)
- RE: Windows Vista winsat.exe Integer Overflow Thor (Hammer of God) (Apr 02)