On 21/10/2011 09:38, A Mennucc wrote: > On Thu, Oct 20, 2011 at 09:45:59PM +0200, Moritz Muehlenhoff wrote: >> Package : wireshark >> Vulnerability : programming error >> Problem type : remote >> Debian-specific: no >> CVE ID : CVE-2011-3360 >> >> The Microsoft Vulnerability Research group discovered that insecure >> load path handling could lead to execution of arbitrary Lua script code. > > How comes that Microsoft invests money in auditing open-source > software? Just to say that they found (thus there are) more vulnerabilities in FLOSS software than in their proprietary products... :-P Gio. -- Giovanni Mascellani <mascellani@poisson.phc.unipi.it> Pisa, Italy Web: http://poisson.phc.unipi.it/~mascellani Jabber: g.mascellani@jabber.org / giovanni@elabor.homelinux.org
Attachment:
signature.asc
Description: OpenPGP digital signature