subject:"\[CVE\-2016\-0602, CVE\-2016\-0603\] Executable installers are vulnerable\^WEVIL \(case 24\)\: Oracle Java 6\/7\/8 SE and VirtualBox"

Re: [FD] [CVE-2016-0602, CVE-2016-0603] Executable installers are vulnerable^WEVIL (case 24): Oracle Java 6/7/8 SE and VirtualBox

2016-02-10 Thread Jason Hellenthal

In 2019 you say huh. Damn future tellers !!! I need to get one of those !!! -- Jason Hellenthal JJH48-ARIN On Feb 5, 2016, at 15:50, Stefan Kanthak wrote: Hi @ll, the installers or Oracle's Java 6/7/8 for Windows and VirtualBox for Windows load and execute several DLLs from their "applicati

[CVE-2016-0602, CVE-2016-0603] Executable installers are vulnerable^WEVIL (case 24): Oracle Java 6/7/8 SE and VirtualBox

2016-02-07 Thread Stefan Kanthak

Hi @ll, the installers or Oracle's Java 6/7/8 for Windows and VirtualBox for Windows load and execute several DLLs from their "application directory". * The online installer jxpiinstall.exe: UXTheme.dll and RASAdHlp.dll plus (on Windows XP) SetupAPI.dll, HNetCfg.dll and XPSP2Res.dll (on Win