Home page logo

bugtraq logo Bugtraq mailing list archives

Re: about zlib vulnerability - Microsoft products
From: "Davis Ray Sickmon, Jr" <midryder () midnightryder com>
Date: Thu, 14 Mar 2002 16:25:26 -0600

Microsoft is also using zlib in a couple of products.  MS Office, IE, Front
Page, DirectX (dunno what versions yet), MSN Messenger, and the next gen GDI
on XP.  Vulnerability? : "Microsoft representatives said that the software
giant's security response team is investigating the zlib flaw and that some
Microsoft applications use code from that compression library. However, the
team hasn't yet determined which applications use the library and whether
those applications are vulnerable." (From Cnet's News.Com article -
http://news.com.com/2100-1001-860328.html )

Davis Ray Sickmon, Jr
Owner, Midnight Ryder Technologies

----- Original Message -----
From: "tele" <tele () duepi it>
To: <bugtraq () securityfocus com>
Sent: Wednesday, March 13, 2002 5:46 PM
Subject: about zlib vulnerability

The vulnerable zlib 1.1.3 code can be even found on the freeswan
1.95 source tree and previous versions, therefore there's a
potential vulnerability at kernel level; besides at the web site
http://www.freeswan.org the problem is not properly treated.



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]