WINE Still Vulnerable to WMF Exploit

Posted by Zonk on Friday January 6, 2006 @09:31AM from the patch-up-young-linux-users dept.

blast3r wrote to mention a ZDNet Blog posting by George Ou, stating that WINE is still vulnerable to the WMF flaw. From the article: "All applications launched inside Wine, Cedega, or Cross-Over Office are technically still exploitable. Wine runs on most x86 platforms, including Linux and the various BSDs. The surprising part about finding this flaw in Wine is that they implemented the entire Meta File API without realizing that this could be a security issue. Exploiting a Windows application running inside Wine depends on that application calling the vulnerable function with malicious data."

3 of 240 comments (clear)

Min score:

Reason:

Sort:

not really a bug... by farib · 2006-01-06 09:37 · Score: 0, Redundant

Just a feature, as usual !
Talk about bug-for-bug compatibility! by Kelson · 2006-01-06 09:38 · Score: 0, Redundant

I mean, I'd heard the phrase bandied about, but it looks like WINE actually achieved it with its WMF functions!
Re:Linix tained by M$ crap. ps3?!?!?! by chrisjwray · 2006-01-06 10:05 · Score: 0, Redundant

Is this supposed to be an SMS message or are some of the keys on your keyboard missing? Either way, what are you on about???