Microsoft is also using zlib in a couple of products. MS Office, IE, Front Page, DirectX (dunno what versions yet), MSN Messenger, and the next gen GDI on XP. Vulnerability? : "Microsoft representatives said that the software giant's security response team is investigating the zlib flaw and that some Microsoft applications use code from that compression library. However, the team hasn't yet determined which applications use the library and whether those applications are vulnerable." (From Cnet's News.Com article - http://news.com.com/2100-1001-860328.html ) Davis Ray Sickmon, Jr Owner, Midnight Ryder Technologies http://www.midnightryder.com ----- Original Message ----- From: "tele" <tele@duepi.it> To: <bugtraq@securityfocus.com> Sent: Wednesday, March 13, 2002 5:46 PM Subject: about zlib vulnerability > The vulnerable zlib 1.1.3 code can be even found on the freeswan > 1.95 source tree and previous versions, therefore there's a > potential vulnerability at kernel level; besides at the web site > http://www.freeswan.org the problem is not properly treated. > > regards, > > -- > eLv > >
