This specific vulnerability is not exploitable due to the referenced code not being executed. I appologize for the misinformation. Updates to each vulnerability can be found here: http://www.vsecurity.com/bulletins/advisories/2007/afflib-toctou.txt http://www.vsecurity.com/bulletins/advisories/2007/afflib-overflows.txt http://www.vsecurity.com/bulletins/advisories/2007/afflib-shellinject.txt http://www.vsecurity.com/bulletins/advisories/2007/afflib-fmtstr.txt We are currently not aware of any additional exploitable flaws in AFFLIB. tim
This archive was generated by hypermail 2.1.3 : Mon Apr 30 2007 - 11:48:40 PDT