[Wine] Wine and the WMF exploit
ap2003 at libero.it
ap2003 at libero.it
Mon Jan 9 15:13:19 CST 2006
There are rumors [1] about Wine suffering from the same WMF vulnerability [2] recently discovered and fixed in Windows systems.
By looking at recent commits, I understand this is probably fixed in CVS, but does anyone have more information?
1) Is a Microsoft-free system theoretically vulnerable? If I use Wine on GNU/Linux (no native Windows DLLs) to run a .exe image viewer and open a malicious WMF file with it, am I -in theory- vulnerable?
2) If yes, how big is the gap between theory and practice? Can I expect to find exploits in the real world, as it already happens for Windows?
3) What would be at stake if I run a vulnerable Wine version? Wine's fake Windows drive? My entire GNU/Linux home directory?
[1]http://lists.grok.org.uk/pipermail/full-disclosure/2006-January/041066.html
[2]http://www.microsoft.com/technet/security/bulletin/ms06-001.mspx
Thank you for your answer,
Andrea.
More information about the wine-users
mailing list