Vulnerability In SecureOL VE2 v1.05.1008 Sep 07 2005 12:42PM
maxim secureol com

VE2 provides two separate virtual environments (Secured and Public(
To ensure corporate security and to provide secured and free access to
the WEB while protecting the enterprise.

Windows 16-bit execution support allows direct access to physical
memory through \\PhysicalMemory device (which is actually a section) for
legacy NTVDM and Virtual Real Mode of the processor, accessing physical
memory from Public Environment provides direct bridge to Secured
Environment processes memory.

Proof of concept:

Vulnerability submitted by Joe Stewart,

Patch Released:
23.08.05 - VE2 v1.05.1009

The information has been provided by Maxim Vainstein: maxim (at) secureol (dot) com [email concealed]

For more information: http://www.secureol.com

[ reply ]


Privacy Statement
Copyright 2010, SecurityFocus