Re: [SECURITY] [DSA 2324-1] wireshark security update
On Fri, Oct 21, 2011 at 09:38:19AM +0200, A Mennucc wrote:
> On Thu, Oct 20, 2011 at 09:45:59PM +0200, Moritz Muehlenhoff wrote:
>> Package : wireshark
>> The Microsoft Vulnerability Research group discovered that insecure
>> load path handling could lead to execution of arbitrary Lua script code.
> How comes that Microsoft invests money in auditing open-source
> software?
Because they (would like to) use it, find it a valuable tool, but
would like to avoid it being an attack vector into their network?
Your guess is as good as mine.
--
Lionel
Reply to: