mailing list archives
Re: Perfect PDF products distributed with vulnerable MSVC++ libraries
From: Brad Hards <bradh () frogmouth net>
Date: Tue, 21 Jun 2011 21:22:17 +1000
On Sunday 19 June 2011 11:37:33 Stefan Kanthak wrote:
soft Xpansion <www.soft-xpansion.com> distributes their (freeware)
products "Perfect PDF 7 Master" and "Perfect PDF 7 Reader" (the
current files are dated 2011-05-10) with OUTDATED and VULNERABLE
Visual C++ 2008 runtime libraries VCRedist_x86.exe/VCRedist_x64.exe
version 9.0.30729.17 of 2008-08-08.
These libraries have been updated since then at least twice due to
Did you check if these vulnerabilities be exploited via this product? I'm not
suggesting that its OK to distribute outdated libs, just to understand the
risk a little more.