> What's the point of building a bunch of sources unless
> 1. you trust their author, or
> 2. you have made sure their is nothing malicious there?
>
> When you build an executable from untrusted sources, you get an untrusted
> executable. Either you run it and you're screwed anyway, or you don't r
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
not up to you.
redsand wrote:
>
>
> like selling all my M$ Excel exploits
>
> [EMAIL PROTECTED] wrote:
>
> and me I think most FD members are desesperate of such newcomer
> comments, you have nothing to say interesting about his work he's
> doing bef
like selling all my M$ Excel exploits
[EMAIL PROTECTED] wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
and me I think most FD members are desesperate of such newcomer
comments, you have nothing to say interesting about his work he's
doing before you were born.
redsand wrote:
i thi
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
and me I think most FD members are desesperate of such newcomer
comments, you have nothing to say interesting about his work he's
doing before you were born.
redsand wrote:
>
>
> i think the author of this advisory is desperate for advisories or
> a
On 1/19/06, redsand <[EMAIL PROTECTED]> wrote:
>
>
> i think the author of this advisory is desperate for advisories or
> attention.
Well maybe the guy was just misled because Microsoft led him to
believe it was something exciting? Either way it seems like anyone
could open a project file in note
On Tue, 17 Jan 2006, Morning Wood wrote:
> extract, and open hello.dsw
> click "batch build, build" or "rebuild all"
> code will execute ( calc.exe and notepad.exe used as
an example )
It's interesting, eh, that the current generation of
"developers" that MS has been ushering in since VB
inceptio
i think the author of this advisory is desperate for advisories or
attention.
either way he needs to open a disassembler and work on something else.
Pavel Kankovsky wrote:
On Tue, 17 Jan 2006, Morning Wood wrote:
extract, and open hello.dsw
click "batch build, build" or "rebuild all"
On Tue, 17 Jan 2006, Morning Wood wrote:
> extract, and open hello.dsw
> click "batch build, build" or "rebuild all"
> code will execute ( calc.exe and notepad.exe used as an example )
What's the point of building a bunch of sources unless
1. you trust their author, or
2. you have made sure their
> In all this, I am discounting the fact that if someone is building
> untrusted sources, (s)he is most likely going to run the untrusted
> program afterwards.
this does not run an untrusted program.
if you noted, I named it a "feature bug"
and my poc is a simple "hello world" sample
Judging from
On Tue, Jan 17, 2006 at 02:25:11PM -0800, Morning Wood wrote:
>
> - EXPL-A-2006-002 exploitlabs.com Advisory 048 -
>
>
> - MSVC 6.0 run file bug -
> IMPACT
Morning Wood wrote:
- EXPL-A-2006-002 exploitlabs.com Advisory 048 -
- MSVC 6.0 run file bug -
Nice thinking, Donnie. This must be the "new class of vuln
On 1/17/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> I think ms wont fixe any bug in vstudio, I have told them if they will
> fix the vs2005 issue published recently and they said me exactly what
> is on your support page:
>
> "Only open pro
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I think ms wont fixe any bug in vstudio, I have told them if they will
fix the vs2005 issue published recently and they said me exactly what
is on your support page:
"Only open project files that come from trusted sources."
or "Only open WMF files
- EXPL-A-2006-002 exploitlabs.com Advisory 048 -
- MSVC 6.0 run file bug -
AFFECTED PRODUCTS
=
Microsoft Visual Studio 6.0
http://microso
14 matches
Mail list logo
