lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <alpine.LNX.2.00.1008301313510.6244@forced.attrition.org>
Date: Mon, 30 Aug 2010 13:17:08 -0500 (CDT)
From: security curmudgeon <jericho@...rition.org>
To: YGN Ethical Hacker Group <lists@...g.net>
Cc: full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com
Subject: Re: [Full-disclosure] QtWeb Browser version 3.3 build 043 Insecure
 DLL Hijacking Vulnerability (wintab32.dll)



: 1. OVERVIEW
: 
: The QtWeb Browser application is vulnerable to Insecure DLL Hijacking 
: Vulnerability. Similar terms that describe this vulnerability have been 
: come up with Remote Binary Planting, and Insecure DLL 
: Loading/Injection/Hijacking/Preloading.

: 3. VULNERABILITY DESCRIPTION
: 
: The QtWeb Browser application passes an insufficiently qualified path in 
: loading an external library, "wintab32.dll" when a user opens its 
: associated file with extensions - htm, html, mhtml.
: 
: 4. VERSIONS AFFECTED
: 
: 3.3 build 043 and lower

Virtually all Qt based applications will be vulnerable to this.

We've seen the first wave of reports of "X is vulnerable, looking for Y 
librari", but we haven't seen a lot of details or follow-up on where the 
inclusion of the library comes from. Popular libraries and cross-platform 
frameworks that are vulnerable, will in turn affect any product or 
software that uses them.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ