View Full Version : PG 3.0 and new IE Iframe vulnerability
LM1
November 9th, 2004, 08:11 AM
Does the full/free version of PG 3.0 address the recently disclosed (Secunia), and still unpatched, extremely critical IFRAME buffer overflow vulnerability in IE?
Andreas1
November 9th, 2004, 11:43 AM
-{ Quote: "Does the full/free version of PG 3.0 address the recently disclosed (Secunia), and still unpatched, extremely critical IFRAME buffer overflow vulnerability in IE?" }-
I don't think so. After all, it is IE modifying itself. Note that XP SP2 seems to prevent the exploit.
To quote the advisory:
-{ Quote: "
Solution:
The vulnerability does not affect systems running Windows XP with SP2 installed.
Use another product." }-
PG can't possibly plug all the MS holes, can it? ;P
HTH,
Andreas
Jason_DiamondCS
November 9th, 2004, 10:14 PM
If the vulnerability ends up running another process, then that can be blocked by ProcessGuard. But as Andreas said, you can't really prevent one application from modifying itself as is the case with some bugs.
vBulletin® Copyright ©2000-2012, Jelsoft Enterprises Ltd.
Copyright ©2002 - 2012, Wilders Security Forums