Home page logo

bugtraq logo Bugtraq mailing list archives

Re: Perfect PDF products distributed with vulnerable MSVC++ libraries
From: Brad Hards <bradh () frogmouth net>
Date: Tue, 21 Jun 2011 21:22:17 +1000

On Sunday 19 June 2011 11:37:33 Stefan Kanthak wrote:
soft Xpansion <www.soft-xpansion.com> distributes their (freeware)
products "Perfect PDF 7 Master" and "Perfect PDF 7 Reader" (the
current files are dated 2011-05-10) with OUTDATED and VULNERABLE
Visual C++ 2008 runtime libraries VCRedist_x86.exe/VCRedist_x64.exe
version 9.0.30729.17 of 2008-08-08.

These libraries have been updated since then at least twice due to
vulnerabilities, see
Did you check if these vulnerabilities be exploited via this product? I'm not 
suggesting that its OK to distribute outdated libs, just to understand the 
risk a little more.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]