About Wine Security
Alexandre Julliard
julliard at winehq.org
Wed Jan 7 14:19:12 CST 2015
Pierre Schweitzer <pierre at reactos.org> writes:
> On 07/01/2015 17:19, Marcus Meissner wrote:
>> I would say that exploiting by "crafted PE binary" is not in scope
>> for CVE allocation for Wine, as you would not keep the crafted PE
>> binary from doing "int 0x80" itself.
>
> Well, by crafted PE binary, I mean, binary that would be designed to
> exploit such weaknesses. To corrupt memory, read from it or whatever.
That's the sort of thing I was alluding to in our private discussion. In
the context of Wine, postulating a specially crafted binary doesn't make
sense. Obviously such a binary doesn't need to exploit Wine to do
anything it wants.
--
Alexandre Julliard
julliard at winehq.org
More information about the wine-devel
mailing list