Re: Re: Begs a question: AV in Linux (correction)
- From: Antoine Martin <antoine@xxxxxxxxxxxxx>
- Date: Mon, 06 Feb 2006 18:11:08 +0000
Is a little misleading:True for buffer overflows.
wine - Just because a windows exploit exists in windows, does not mean it exists in wine.
For example - if windows has a buffer exploit somewhere in its dlls,
that does not mean it will exist in wine (and vice-versa). This isThe code will differ but the interface won't (or shouldn't) and if the
because the wine team is re-implementing the windows API without
looking at the windows code, and the implementations will differ.
virus uses that interface to get its hooks, it will still work:
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0106
"the same vulnerability as CVE-2005-4560 but in a different codebase."
Not correct in the least - openoffice can't run word macros (althoughI think the point was about the potential danger of macros in general
you can chose to preserve them).
and the fact that an AV will spot them quite easily.
Antoine
- References:
- Re: Re: Begs a question: AV in Linux (correction)
- From: blahblah
- Re: Re: Begs a question: AV in Linux (correction)
- Prev by Date: Re: Begs a question: AV in Linux (correction)
- Next by Date: Re: Re: Begs a question: AV in Linux (correction)
- Previous by thread: Re: Begs a question: AV in Linux (correction)
- Next by thread: Re: Re: Begs a question: AV in Linux (correction)
- Index(es):
Relevant Pages
|
