On 07/01/2015 21:19, Alexandre Julliard wrote:
> Pierre Schweitzer <pierre@reactos.org> writes:
>
>> On 07/01/2015 17:19, Marcus Meissner wrote:
>>> I would say that exploiting by "crafted PE binary" is not in scope for CVE allocation for Wine, as you would not keep the crafted PE binary from doing "int 0x80" itself.
>>
>> Well, by crafted PE binary, I mean a binary that would be designed to exploit such weaknesses. To corrupt memory, read from it or whatever.
>
> That's the sort of thing I was alluding to in our private discussion. In the context of Wine, postulating a specially crafted binary doesn't make sense. Obviously such a binary doesn't need to exploit Wine to do anything it wants.

Likely my 'crafted' word was poorly chosen. Here, I refer to a binary designed to exploit the flaws in Wine, as it would be designed to exploit flaws in any library. The user expects to run a sane binary, whereas said binary will actually use its running context to corrupt memory, attempt to cause a denial of service in Wine, and so on. As for any other exploit (be it for a lib or another tool).

Cheers,
-- 
Pierre Schweitzer <pierre at reactos.org>
System & Network Administrator
Senior Kernel Developer
ReactOS Deutschland e.V.