GPGLABS : Cyber Security, Internet Security, Tips GPGLABS : Information Security, Hacking News, Cyber Security, Network Security with in-depth technical coverage of issues and events
Avast will render the commonName of X.509 certificates into an HTMLLayout frame when your MITM proxy detects a bad signature. Unbelievably, this means CN="<h1>really?!?!?</h1>" actually works, and is pretty simple to convert into remote code execution. To verify this bug, I've attached a demo certificate for you. Please find attached …
Read More »Avast Antivirus: X.509 Error Rendering Command Execution
