Another vuln, this time its PEiD.

NimDa2k · #1 01-30-2005, 13:35

Code:

 TITLE:
PEiD Import Library Name Handling Buffer Overflow

SECUNIA ADVISORY ID:
SA13984

RELEASE DATE:
2005-01-28

VERIFY ADVISORY:
http://secunia.com/advisories/13984/

CRITICAL:
Moderately critical

WHERE:
From remote

IMPACT:
System access

SOFTWARE:
PEiD 0.x

DESCRIPTION:
A vulnerability has been reported in PEiD, which potentially can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to a boundary error within the parsing of the PE (Portable Executable) import directory. This can be exploited to cause a buffer overflow via a specially crafted PE file containing overly long import library names.

Successful exploitation may allow execution of arbitrary code when a malicious PE file is opened.


SOLUTION:
Use another product.

Do not process untrusted files unless in a test environment.


REPORTED BY CREDITS:
Lord Yup


ORIGINAL ADVISORY:
iDEFENSE:
http://idefense.com/application/...?id=189&type=vulnerabilities

I Think This Bug Work's Only When I Connected To The Internet And i Use PEiD

Thread Tools
Show Printable Version Email this Page
Display Modes
Switch to Linear Mode Hybrid Mode Switch to Threaded Mode

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
A CRITICAL Firefox Vuln - Violation and local file stealing via PDF reader	TechLord	General Discussion	3	08-15-2015 15:39
Need help in exploiting a kernel vuln	SinaDiR	General Discussion	0	01-10-2011 23:21