Who would have though Windows 10's WININET.dll could have an out-of-bounds read in HTTP response handling for two years?
-
-
Replying to @berendjanwever
#DailyBug#MSIE#Edge#WindowsMediaPlayer (others?) WININET CHttpHeaderParser::ParseStatusLine out-of-bounds readhttp://blog.skylined.nl/20161110001.html …2 replies 7 retweets 13 likes -
Replying to @berendjanwever
Why did I sit on this? I wanted to exploit it for $$$ from VCPs. But I never found time, so I reported it for free to MS.
1 reply 0 retweets 1 like
VCP = Vulnerability Contributor Programs. I don't sell exploits: I wanted to prove exploitability to sell to ZDI/iDefense/..
2:03 AM - 10 Nov 2016
0 replies
0 retweets
3 likes
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.