| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: 1 Jun 2009 18:18:52 -0000 From: loginit@...il.com To: bugtraq@...urityfocus.com Subject: Zemana Antilogger 1.9.2 DoS attack Severity: Critical Title: Zemana Antilogger: Denial of Service Date: May 30, 2009 Vers:1.9.2.102 ID: 200905-30 StreAmeR - 2009 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== A vulnerability has been discovered in Zemana Antilogger, allowing for a Denial of Service. Background ========== Zemana AntiLogger has a new, powerful way to protect your PC from malware attacks. Affected packages ================= Vers:1.9.2.102 and old versions. Description =========== Attempts to terminate the process by sending Close messages (called WM_CLOSE and SC_CLOSE) to all windows in the target process. This method only works if 1) the target process has at least one window, and 2) the target process doesn't handle the WM_CLOSE/SC_CLOSE message . Impact ====== Attacker could send specially crafted messages to the windows of the target process, resulting in a crash. Workaround ========== There is no known workaround at this time. Resolution ========== No current solution.
Powered by blists - more mailing lists