[dba-Tech] AV product breaches

Steve Erbach erbachs at gmail.com
Sat Feb 26 10:12:56 CST 2005 

John,

FWIW, Jerry Pournelle has commented on his web site that all the focus
on C++ over the years is reaping the whirlwind, so to speak. That is,
with a more strongly typed language, there would be no such thing as
buffer overflows. Do you or does anyone else here have a feel for
that?

Steve Erbach


On Fri, 25 Feb 2005 15:45:06 -0600, John Bartow <john at winhaven.net> wrote:
> Just got this from Watchguard:
> 
> Trend Micro AV Ushers Hackers Right In
> 
> *
> <http://www.trendmicro.com/vinfo/secadvisories/default6.asp?VName=Vulnerabil
> ity+in+VSAPI+ARJ+parsing+could+allow+Remote+Code+execution> Trend Micro's
> ARJ Buffer Overflow Alert
> 
> A similar thin ghappened to Symantec a couple weeks ago:
> *        <http://xforce.iss.net/xforce/alerts/id/189> ISS X-Force's ARJ
> Buffer Overflow Alert
> 
> John B.

More information about the dba-Tech mailing list