[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] iDefense Security Advisory 12.14.05: Trend Micro ServerProtect relay.dll Chunked Overflow Vulnerability
- To: full-disclosure@xxxxxxxxxxxxxxxxx
- Subject: Re: [Full-disclosure] iDefense Security Advisory 12.14.05: Trend Micro ServerProtect relay.dll Chunked Overflow Vulnerability
- From: "labs-no-reply@xxxxxxxxxxxx" <labs-no-reply@xxxxxxxxxxxx>
- Date: Wed, 14 Dec 2005 17:58:09 -0500
Matt,
We don't disagree with you. The vulnerability lies in the Microsoft
Foundation Classes (MFC) static libraries. Trend Micro also acknowledges
this in their response. Unfortunately, Trend Micro's product
distributions are vulnerable since they ship with the old static libraries.
Michael Sutton
Director, iDefense Labs
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/