lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <3EF88CEC.4010506@guninski.com>
From: guninski at guninski.com (Georgi Guninski)
Subject: Symantec ActiveX control buffer overflow

Cesar wrote:
> Vendor Status :
> 
> I really sorry Symantec i forgot about the 30-day
> grace period (see  "Security Vulnerability Reporting 
> and Response Process",
> http://www.oisafety.org/process.html), also i forgot
> to report it :)
> This is really funny Symantec try to protect users and
> they intruduce dangerous ActiveX controls in users
> computers. I think that maybe this control should be
> inroduced in Norton virus list :). I wonder if this
> advisory will be on Security Focus news or
> vulnerability database.
> 
> 

Did you post this to bugtraq, can't see it there?

There is funny self promoting msg on bugtraq from symantec regarding this bug.

georgi

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ