> If, say, DWM.dll is exploitable, why not point *that* out rather than > point out the many applications that are using it (wrongly)? >
As I might have said in earlier mail, I have to do this so that vulnerability news site such as secunia , securiteam authors can get enough information for each application. Most of them do it automatically. They can't process vulnerability posts like "Multiple Vulnerabilities". They have to extract each item. If you take a look at OSVDB, they will put each item of vulnerability that belongs to each item. DLL Hijack posts are not to spam but to be served for that purpose. You should filter it. Everybody thinks that their ideas, actions, thinkings are right. And everyone has his pride and ego. You can never control someone's way of doing. You can just tell it, watch it or ignore it. You can block all DLL Hijack posts if you 0wn this list. Thanks for your patience. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/