I'm getting a bit tired of throwing away these "security advisories".
Really, someone should install a whole load of popular applications, ensure any of them load their own files, and finally, thanks to a mass dependency check, ensure DWM is being loaded at runtime. At least, it would be just one email/thread to trash. On Tue, Sep 7, 2010 at 8:23 AM, Dan Kaminsky <d...@doxpara.com> wrote: > So, what's the security model around .ygwx files? > > > On Tue, Sep 7, 2010 at 1:57 AM, YGN Ethical Hacker Group > <li...@yehg.net>wrote: > >> The fixed version KeePass 2.13 has been released. >> >> http://keepass.info/news/n100906_2.13.html >> >> But failure to describe "DLL Hijacking was fixed". >> >> _______________________________________________ >> Full-Disclosure - We believe in it. >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> Hosted and sponsored by Secunia - http://secunia.com/ >> > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ >
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/