Who would have though Windows 10's WININET.dll could have an out-of-bounds read in HTTP response handling for two years?
-
-
Why did I sit on this? I wanted to exploit it for $$$ from VCPs. But I never found time, so I reported it for free to MS.
-
VCP = Vulnerability Contributor Programs. I don't sell exploits: I wanted to prove exploitability to sell to ZDI/iDefense/..
End of conversation
New conversation -
-
-
isn't that code used by anyone that uses Microsoft API to access through HTTP a server?
-
Quoting from advisory: "As far as I can tell WININET is widely used by Microsoft applications to handle HTTP requests."
-
I'll rewrite that to mention third party applications using WININET could also be affected, thanks.
-
Done, thanks again for pointing this out.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.