Just in case you didn’t read it, found this one in the archives. A serious problem in the use of GPG to verify digital signatures has been discovered, which also affects the use of gpg in email. It is possible for an attacker to take any signed message and inject extra arbitrary data without affecting [...]
Tag Archive | "vulnerability"
Internet Storm Center’s always informative Diary has some good information. At the urging of Handler Extraordinaire Kyle Haugsness, I tested the sploit on a box with software-based DEP and DropMyRights… here are the results: Software-based DEP protecting core Windows programs: sploit worked Software-based DEP protecting all programs: sploit worked DropMyRights, config’ed to allow IE to [...]