decompression vulnerabilty in AV softwares

a bug is found in most AV softwares during decompression of very high compression ratio files. details can be found here.

for testing purpose you can download the "decompression boms" from here.

 

No problems with Mozilla 1.7 or with NOD32 or avast!...

 

have you tested those products against those bombs? mainly the linux flavoures were tested in this report. anyone downoading and testing it against the latest Windows version should do it on a spare machine as it might trigger some serious crash.

 

I tried the 100MB GIF bomb. Nothing happened in Mozilla 1.7,picture loaded as normal (it was only red all over the screen)

 

thanks for testing RejZor. waiting for the AV tests.

 

AMRX...
Don´t you have headache with that avatar? So, you don´t need pic-bomb to get it! :] He, he! no problems here also with NOD32 v.2.
Cheers!

backfolder.-

 

AVK passes all tests.

 

I would test with all of them,but i don't know how to get them all with one click. I tried web ripper and FTP client,but i cannot access pub folder content heh. Downloading one by one is killing slow hehe

 

this is the way i usually end up working! now that you've mentioned it i'm feeling a slight pain on my forehead. i like this avataar i got it from Dmitry Kutsanov. dear RejZor try IExplorer and use "PASV mode for FTP" if you have a firewall.