|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: [Full-disclosure] n.runs-SA-2007.027 - Sophos Antivirus UPX parsing Arbitrary CodeExecution Advisory
From: Sergio Alvarez (sergio.alvarez
nruns.com)
Date: Mon Sep 03 2007 - 06:39:40 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hi all,
Just want to let you know that Sophos has updated their advisory:
http://www.sophos.com/support/knowledgebase/article/28407.html
To make things a bit more clear, it's a one byte overwrite in an
arbitrary location caused by an integer handling issue while parsing the
UPX file format.
The advisory at http://www.nruns.com/security_advisory.php will be
updated soon.
Cheers,
Sergio
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]