Microsoft's Windows Update fails to update libraries in the Microsoft Live Meeting 2007 client, so many are out of date and vulnerable.
20cdaa55225d9a1284a62c60d2000688b80d3f5784602f760b0d2237c8264521OpenLimit reader, an application aimed to provide security by validating X.509 signatures and signing PDFs inside Adobe Reader, contains completely outdated, superfluous and vulnerable components, which comprise 40% of the whole installation package.
4cc2e247a5f3aaa21b4f53170afeda08847ab6f3934f5cbbdf9af600f6da8c02With Windows 2000 Microsoft introduced the inheritance of access rights and new Win32-API functions like SetNamedSecurityInfo() which handle the inheritance. SetNamedSecurityInfo() but has a serious bug: it applies inheritable ACEs from a PARENT object to a target object even if it must not do so, indicated by the flags SE_DACL_PROTECTED and/or SE_SACL_PROTECTED in the security descriptor of the target object.
5d8b14a5d15a03df25e643a38f6f8f932a1379ba54d10e6864267f7ae5de12f3ICACLS.EXE ignores and destroys SE_DACL_PROTECTED/SE_SACL_PROTECTED.
54f5d64ee1cd2dd79069b4230112cc75945b8fa40239bce666ebe8abfa5d5c8bThe POSReady 2009 eval CD from Microsoft Download Center appears to show remnants of having been built on a system that may have been infested with malware.
98574b9c4e7396b432dee4fec8355515fa5bbf580d0c13b2c6b422247bf2f5c7Perfect PDF 7 Master and Reader both ship with outdated and vulnerable libraries.
14dde26f1a2df99002e81efe5c28e7c71adb7d2004dafc01c10244d4eb0397e2Essential PIM version 4.22 is shipping with multiple outdated and vulnerable libraries.
1c8068f330cbf75f9c18acb0f6c9b09b5389bace36fd4ae4a08117062a144c41TrendMicro versions prior to 2010-09-07 have vulnerable third party DLLs.
714c4a4a9b34ce3bd5f0c43e363fb65b8f51c199756fe9c5e1dd50ec1d1d49e7Omnipage 16 Professional comes with multiple vulnerable libraries.
81182e73df7e2898decf9709fca435949cd7bf71a986c1c7f7915ce2b3e721f6Intel just released updated drivers for ethernet network adapters and included vulnerable DLLs.
2d61079aa5de7f91d47ee50f51ecd83e31e574d6cf956d0fbccb4a78a6da9df1ISC released new BIND packages for Windows with vulnerable runtime DLLs. Brilliant.
9fbcfb929bbca62a9a57a83e890a4fa88a5123220c492b5bba320c36f285eac9OpenOffice version 3.1.1 for Windows distributes a vulnerable MSVC++ runtime.
89d0b35f44f8c148786b3a0146ccd8b24adaa25e1d8084356435ada311abe66dTerratec's TV software HomeCinema version 6.3 installs vulnerable and outdated DLLs.
c8d049d1777d95dfe2a9988b5a6d5b81d660efe73a3f7885f8c0e9f42bfbc7b1The T-Online software offered by Deutsche Telekom installs and includes the use of vulnerable DLLs.
56d4221ea40f2d628050bcd86316a09eb1feb07cbf4e033614de08ad87fc8d5fIt appears that Virtual Floppy Drive is susceptible to an old zlib vulnerability associated with version 1.2.2.
3daf388470e7d15edc4431b7389876a80edcbb536864ae8adc82a4c291b0bb1dThe Microsoft Windows binary of curl contains a vulnerable version of zlib.
23ffc0004b9551d2eac301f99d76817eaf4fd4cb36162d70811e58df6ded7a07The freeware version of Softwin's Bitdefender software contains a vulnerable version of zlib.
8e49cc4ec5ada844916e219cdc6a719f8e49e6f776aa8674aa60f48ab56c3486The Microsoft Windows binary GSV48W32.EXE of gsview contains a vulnerable version of zlib.
4f5970a0b756c59df38bb2646529f1f975572ff3992b0be14d2bee4befb49e8c
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed