Vulnerability Spotlight: Total Commander FileInfo Plugin Denial of Service

Talos is releasing an advisory for multiple vulnerabilities that have  been found within the Total Commander FileInfo Plugin. These vulnerabilities are local denial of service flaws and have been assigned CVE-2015-2869. In accordance with our Vendor Vulnerability Reporting and Disclosure policy, these vulnerabilities have been disclosed to the plugin author(s) and CERT.  This post serves as a summary of the advisory. Credit for these discoveries belongs to Marcin Noga of Talos. TALOS-2015-024/CVE-2015-2869 An attacker who controls the content of a COFF Archive Library [...]

from Cisco Blog » Security http://ift.tt/1THlZqg